grand.online Open in urlscan Pro
5.22.184.38 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://grand.online/
Effective URL:
https://grand.online/
Submission: On May 20 via manual (May 20th 2022, 10:12:36 am UTC) from SG — Scanned from DE

Summary HTTP 310 Redirects Links 69 Behaviour Indicators

Summary

This website contacted 56 IPs in 8 countries across 34 domains to perform 310 HTTP transactions. The main IP is 5.22.184.38, located in Serbia and belongs to SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS. The main domain is grand.online. The Cisco Umbrella rank of the primary domain is 748628.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 6th 2021. Valid for: a year.

This is the only time grand.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 82	5.22.184.38 5.22.184.38	31042 (SERBIA-BR...) (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o.)
1 8	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
2	2a02:26f0:170... 2a02:26f0:1700:11::b856:6785	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 1	2a03:2880:f21... 2a03:2880:f21c:81c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
7	46.19.9.50 46.19.9.50	51790 (SIEL) (SIEL)
1	2600:9000:231... 2600:9000:2315:9800:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1 4	141.95.47.70 141.95.47.70	16276 (OVH) (OVH)
13	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
32	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	46.19.9.32 46.19.9.32	51790 (SIEL) (SIEL)
2 2	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
1	2a02:26f0:170... 2a02:26f0:1700:794::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	44.194.96.154 44.194.96.154	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c01::9c	15169 (GOOGLE) (GOOGLE)
16	185.97.52.29 185.97.52.29	51790 (SIEL) (SIEL)
1	46.19.8.15 46.19.8.15	51790 (SIEL) (SIEL)
4	46.19.9.11 46.19.9.11	51790 (SIEL) (SIEL)
1	34.102.146.192 34.102.146.192	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.24.215.1 52.24.215.1	16509 (AMAZON-02) (AMAZON-02)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1	18.189.50.18 18.189.50.18	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	15169 (GOOGLE) (GOOGLE)
1	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 8	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
6 10	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	109.206.182.78 109.206.182.78	50245 (SERVEREL-AS) (SERVEREL-AS)
1	109.206.161.115 109.206.161.115	50245 (SERVEREL-AS) (SERVEREL-AS)
16	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	141.95.98.67 141.95.98.67	16276 (OVH) (OVH)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	74.125.133.154 74.125.133.154	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:de00:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:6200:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
5	142.251.36.66 142.251.36.66	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:66::6	15169 (GOOGLE) (GOOGLE)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
310	56

82 5.22.184.38 (Serbia) 1 redirects

ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS)
PTR: www.grand.online

grand.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 46.19.11.36 (Slovenia) 1 redirects

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

analytics.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:11::b856:6785 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:81c4:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 46.19.9.50 (Slovenia)

ASN51790 (SIEL, SI)
PTR: 2E130C26.rDNS.SiEL.si

ug.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker_ug.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:9800:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.47.70 (Paris, France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns31479462.ip-141-95-47.eu

gars.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.9.32 (Slovenia)

ASN51790 (SIEL, SI)
PTR: trfx.serv.si

collector_sr.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.25 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:794::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.96.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-96-154.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.97.52.29 (Slovenia)

ASN51790 (SIEL, SI)
PTR: cex1.vsn.serv.si

images4.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.8.15 (Slovenia)

ASN51790 (SIEL, SI)
PTR: 2E130833.rDNS.SiEL.si

www.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.19.9.11 (Slovenia)

ASN51790 (SIEL, SI)
PTR: trafex.serv.si

hb.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.24.215.1 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-215-1.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.189.50.18 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-50-18.us-east-2.compute.amazonaws.com

prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.35.236.247 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.123 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.182.78 (Netherlands) 2 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.182.78.serverel.net

sync2.adnetwork.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.161.115 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.115.serverel.net

sync1.adnetwork.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:de00:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:6200:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.36.66 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s10-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:66::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5e6nze.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	grand.online 1 redirects grand.online — Cisco Umbrella Rank: 748628	7 MB
46	googlesyndication.com f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130 ade.googlesyndication.com — Cisco Umbrella Rank: 269	244 KB
37	contentexchange.me 1 redirects analytics.contentexchange.me — Cisco Umbrella Rank: 117113 ug.contentexchange.me — Cisco Umbrella Rank: 170432 collector_sr.contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 21825 tracker_ug.contentexchange.me images4.contentexchange.me — Cisco Umbrella Rank: 120960 www.contentexchange.me — Cisco Umbrella Rank: 168563 hb.contentexchange.me — Cisco Umbrella Rank: 127173	739 KB
30	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 599 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 328	610 KB
28	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 stats.g.doubleclick.net — Cisco Umbrella Rank: 92 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 bid.g.doubleclick.net — Cisco Umbrella Rank: 503 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284	301 KB
19	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 264 gcdn.2mdn.net — Cisco Umbrella Rank: 941 r1---sn-4g5e6nze.c.2mdn.net	3 MB
18	gstatic.com fonts.gstatic.com csi.gstatic.com	181 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557	9 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 240	6 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 imasdk.googleapis.com — Cisco Umbrella Rank: 407	128 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	51 KB
5	gemius.pl 1 redirects gars.hit.gemius.pl — Cisco Umbrella Rank: 71341 ls.hit.gemius.pl — Cisco Umbrella Rank: 12133	18 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	1 KB
3	adnetwork.agency 2 redirects sync2.adnetwork.agency — Cisco Umbrella Rank: 134753 sync1.adnetwork.agency — Cisco Umbrella Rank: 137767	1 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 393 mug.criteo.com — Cisco Umbrella Rank: 2669	8 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 4556 google-bidout-d.openx.net — Cisco Umbrella Rank: 4222	571 B
3	adform.net 2 redirects dmp.adform.net — Cisco Umbrella Rank: 2468 s1.adform.net — Cisco Umbrella Rank: 8427	25 KB
3	instagram.com 2 redirects platform.instagram.com — Cisco Umbrella Rank: 7125 www.instagram.com — Cisco Umbrella Rank: 1127	5 KB
3	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4801 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5547	84 KB
2	geoedge.be wrappers.geoedge.be — Cisco Umbrella Rank: 20435 rumcdn.geoedge.be — Cisco Umbrella Rank: 1548	57 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	83 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1573 id5-sync.com — Cisco Umbrella Rank: 663	12 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	85 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 432	2 KB
1	uidapi.com prod.uidapi.com — Cisco Umbrella Rank: 5921	5 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 5577	904 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 621	12 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 4607	8 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1180	201 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 7678	792 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	33 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1226	14 KB
0	Failed function sub() { [native code] }. Failed
310	34

	Domain	Requested by
82	grand.online	1 redirects grand.online
28	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
23	pagead2.googlesyndication.com	f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net grand.online securepubads.g.doubleclick.net www.googletagservices.com
16	s0.2mdn.net	grand.online s0.2mdn.net f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
16	tpc.googlesyndication.com	f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com tpc.googlesyndication.com imasdk.googleapis.com s0.2mdn.net securepubads.g.doubleclick.net
16	images4.contentexchange.me	grand.online
13	fonts.gstatic.com	fonts.googleapis.com
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com grand.online
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	tracker_ug.contentexchange.me	ug.contentexchange.me tracker_ug.contentexchange.me grand.online
6	securepubads.g.doubleclick.net	grand.online securepubads.g.doubleclick.net f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
6	analytics.contentexchange.me	grand.online analytics.contentexchange.me
5	googleads4.g.doubleclick.net	grand.online
5	csi.gstatic.com	imasdk.googleapis.com
5	www.facebook.com	grand.online static.xx.fbcdn.net
4	hb.contentexchange.me	grand.online hb.contentexchange.me
4	f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	gars.hit.gemius.pl	1 redirects grand.online gars.hit.gemius.pl
4	fonts.googleapis.com	grand.online tracker_ug.contentexchange.me f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
3	ade.googlesyndication.com	grand.online
3	www.google.com	f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com tpc.googlesyndication.com
2	r1---sn-4g5e6nze.c.2mdn.net	grand.online
2	scontent.xx.fbcdn.net	www.facebook.com
2	sync2.adnetwork.agency	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects grand.online
2	imasdk.googleapis.com	f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
2	www.googletagservices.com	f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
2	www.google-analytics.com	grand.online www.google-analytics.com
2	match.contentexchange.me	1 redirects grand.online
2	dmp.adform.net	2 redirects
2	connect.facebook.net	grand.online connect.facebook.net
2	www.instagram.com	1 redirects grand.online
2	consent.cookiebot.com	grand.online consent.cookiebot.com
1	gcdn.2mdn.net	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	rumcdn.geoedge.be	hb.contentexchange.me
1	cdn.jsdelivr.net	hb.contentexchange.me
1	wrappers.geoedge.be	hb.contentexchange.me
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	mug.criteo.com	grand.online
1	id5-sync.com	cdn.id5-sync.com
1	sync1.adnetwork.agency	grand.online
1	s1.adform.net	hb.contentexchange.me
1	prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	www.contentexchange.me	grand.online
1	stats.g.doubleclick.net	www.google-analytics.com
1	ping.chartbeat.net	grand.online
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	ls.hit.gemius.pl	gars.hit.gemius.pl
1	collector_sr.contentexchange.me	grand.online
1	www.googletagmanager.com	analytics.contentexchange.me
1	static.chartbeat.com	grand.online
1	ug.contentexchange.me	grand.online
1	platform.instagram.com	1 redirects
0	truncated Failed	grand.online
310	64

This site contains links to these domains. Also see Links.

Domain
www.admedo.com
www.internedservices.nl
www.bidswitch.com
integralads.com
policies.google.com
www.cookiebot.com
www.exactag.com
www.mgid.com
vimeo.com
www.appnexus.com
www.gemius.pl
www.quantcast.com
crimtan.com
www.rhythmone.com
unruly.co
improvedigital.com
triplelift.com
site.adform.com
www.criteo.com
www.amobee.com
www.adition.com
www.mediamath.com
www.thetradedesk.com
policies.oath.com
www.blis.com
www.oracle.com
www.casalemedia.com
www.adobe.com
www.contentexchange.me
help.instagram.com
www.sovrn.com
www.openx.com
pubmatic.com
zetaglobal.com
simpli.fi
www.simpli.fi
www.spotx.tv
tidaltv.com
travelaudience.com
exponential.com
www.dataxu.com
chartbeat.com
sharedid.org
play.google.com
tracker_ug.contentexchange.me
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
www.grand.online Sectigo RSA Domain Validation Secure Server CA	`2021-10-06` - `2022-10-11`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh
consent.cookiebot.com DigiCert ECC Extended Validation Server CA	`2020-06-11` - `2022-06-11`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-26` - `2022-05-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.cookiebot.com DigiCert SHA2 Secure Server CA	`2021-07-05` - `2022-07-13`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-04-16` - `2022-07-15`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
cdn.id5-sync.com R3	`2022-04-13` - `2022-07-12`	3 months	crt.sh
*.uidapi.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
gw.geoedge.be Amazon	`2021-10-13` - `2022-11-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-05-10` - `2022-07-19`	2 months	crt.sh

This page contains 22 frames:

Primary Page: https://grand.online/
Frame ID: 89E000E3A5AF44E8CCCD9AAA3F2EE952
Requests: 162 HTTP requests in this frame

Frame: https://analytics.contentexchange.me/bex/storage.html
Frame ID: 230932DD40CF7DB6A0FF3090FE129810
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 96AF3863CCF6F2D9974DBFA192DCA473
Requests: 1 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 3A5770117A02FF24EB3CFBA2D3DE9FDC
Requests: 1 HTTP requests in this frame

Frame: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 67AF178631E0AA37AB50B8E88A71DE67
Requests: 1 HTTP requests in this frame

Frame: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 487B8110E1A48E822CB09268AF687F5D
Requests: 15 HTTP requests in this frame

Frame: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3C051F6D07B6FB7A4FDEECE7A99376CB
Requests: 33 HTTP requests in this frame

Frame: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3D95B269D67E1182BA9B9971AB4A2935
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNXgPMwooE-TM9YWvnN2dWEI6H2_Kif6URpKrCBsgmDX4L558YzT5fu6gunIAZqc0UERom9GMWbDDA517mbBSZm3iJ2HjOvCbxZ9UAzZhzHdGB7GplbhtliwA89kMQCXQI-BoNeXKfdFG1waCIhn9o45uUZg3B-rK1F1Kz70pigFc0a5N_U
Frame ID: F374DF2907427CB02E1225C9FBCEAC2C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiD0tK7ATAB&v=APEucNWaEnDZQDpdjhTQrl7doaevSAHIVHCT9-vZsj2iEh2YfTE8S-Rx264pSFe3uxPMjGkL8gL3l60RbhvcqnPEot3qnAgeHcN_gdzJ7rT0cSlll23_11mOe1zxG3FG8PL3mgqoHzXlU7FmsT0lypZO3RwECzcU-yijPwby88F1_CyO58wLdno
Frame ID: B5BD267FE6E7711665C1BAFF69DD7FED
Requests: 5 HTTP requests in this frame

Frame: https://hb.contentexchange.me/hbscript
Frame ID: EDBAED1F6A592CCB3821690A98C8B93D
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FZvezdeGrandaPrva%26tabs%3Dtimeline%26width%3D300%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dfalse%26appId%3D534904083375143
Frame ID: FEA98915E5946A3E066500BDED1F686D
Requests: 41 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=grand.online
Frame ID: 73C0C4B8480D0B78EADA4A563945EBA8
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
Frame ID: 834B8E6C0D6DD01F5F2B04C8EB65C283
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14428347934943306018/300x600.html?e=69&leftOffset=0&topOffset=0&c=up833lLZZb&t=1&renderingType=2&ev=01_247
Frame ID: CED50FF637BB0EB24D029C1ED4F0907A
Requests: 8 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 3DF03F5BB5A9B299F1594263EF50D95B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 564D19CB9314A2E657668CD7F8C656E0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EA32399B85DD1A002F37B9699EE82DF4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: E7BC0D4C240BFF8FB372C0A4B35FF005
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Frame ID: E6F3D440AF6A1F620EAD9E2CDC7E8289
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 69EC57054A1E322684F5503C735567E9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 05AEA91110911688830071F237BBD07B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Grand Online

Page URL History Show full URLs

http://grand.online/ HTTP 301
https://grand.online/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

310
Requests

94 %
HTTPS

51 %
IPv6

34
Domains

64
Subdomains

56
IPs

8
Countries

12903 kB
Transfer

17845 kB
Size

31
Cookies

69 Outgoing links

These are links going to different origins than the main page.

URL: https://www.admedo.com/privacy-policy
Title: Admedo

Search URL Search Domain Scan URL

URL: https://www.internedservices.nl/disclaimer-privacy-policy/
Title: KPN

Search URL Search Domain Scan URL

URL: https://www.bidswitch.com/privacy-policy/
Title: Bidswitch

Search URL Search Domain Scan URL

URL: https://integralads.com/privacy-policy/
Title: Mas Capital

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Google

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://www.exactag.com/datenschutz/
Title: Exactag

Search URL Search Domain Scan URL

URL: https://www.mgid.com/privacy-policy
Title: Mgid

Search URL Search Domain Scan URL

URL: https://vimeo.com/privacy
Title: Vimeo

Search URL Search Domain Scan URL

URL: https://www.appnexus.com/corporate-privacy-policy
Title: Appnexus

Search URL Search Domain Scan URL

URL: http://www.gemius.pl/polityka-prywatnosci.html
Title: Gemius

Search URL Search Domain Scan URL

URL: https://www.quantcast.com/privacy/
Title: Quantcast

Search URL Search Domain Scan URL

URL: https://crimtan.com/privacy/
Title: Crimtan

Search URL Search Domain Scan URL

URL: https://www.rhythmone.com/privacy-policy
Title: RhythmOne

Search URL Search Domain Scan URL

URL: https://unruly.co/privacy/
Title: Unruly

Search URL Search Domain Scan URL

URL: https://improvedigital.com/privacy-policy/
Title: Improve Digital

Search URL Search Domain Scan URL

URL: https://triplelift.com/privacy/
Title: Triplelift

Search URL Search Domain Scan URL

URL: https://site.adform.com/privacy-center/platform-privacy/opt-out/
Title: Adform

Search URL Search Domain Scan URL

URL: https://www.criteo.com/privacy/corporate-privacy-policy/
Title: Criteo

Search URL Search Domain Scan URL

URL: https://www.amobee.com/trust/privacy-guidelines/
Title: Amobee

Search URL Search Domain Scan URL

URL: https://www.adition.com/en/privacy/
Title: Adition Technologies

Search URL Search Domain Scan URL

URL: https://www.mediamath.com/privacy-policy/
Title: MediMath

Search URL Search Domain Scan URL

URL: https://www.thetradedesk.com/general/website-privacy-policy
Title: The Trade Desk

Search URL Search Domain Scan URL

URL: https://policies.oath.com/us/en/oath/privacy/index.html
Title: Oath

Search URL Search Domain Scan URL

URL: http://www.blis.com/privacy/
Title: Blismedia.com

Search URL Search Domain Scan URL

URL: http://www.oracle.com/us/legal/privacy/
Title: Bluekai.com

Search URL Search Domain Scan URL

URL: http://www.casalemedia.com/
Title: Casale Media

Search URL Search Domain Scan URL

URL: https://www.adobe.com/privacy.html
Title: Adobe Inc.

Search URL Search Domain Scan URL

URL: http://www.contentexchange.me/terms-of-service/
Title: Content Exchange

Search URL Search Domain Scan URL

URL: https://help.instagram.com/519522125107875
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.sovrn.com/legal/privacy-policy/
Title: Sovrn

Search URL Search Domain Scan URL

URL: https://www.openx.com/legal/privacy-policy/
Title: Openx

Search URL Search Domain Scan URL

URL: https://pubmatic.com/legal/privacy/
Title: PubMatic

Search URL Search Domain Scan URL

URL: https://zetaglobal.com/privacy-policy/
Title: Zeta Global

Search URL Search Domain Scan URL

URL: https://simpli.fi/site-privacy-policy/
Title: Simpli.fi

Search URL Search Domain Scan URL

URL: https://www.simpli.fi/site-privacy-policy2/
Title: Simpli.fi

Search URL Search Domain Scan URL

URL: https://www.spotx.tv/privacy-policy/
Title: SpotX

Search URL Search Domain Scan URL

URL: http://tidaltv.com/
Title: Tidal

Search URL Search Domain Scan URL

URL: https://travelaudience.com/website-privacy-policy/
Title: Travel Audience

Search URL Search Domain Scan URL

URL: http://exponential.com/privacy/
Title: Exponential

Search URL Search Domain Scan URL

URL: https://www.dataxu.com/about-us/privacy/
Title: Dataxu

Search URL Search Domain Scan URL

URL: https://chartbeat.com/privacy/
Title: Chartbeat

Search URL Search Domain Scan URL

URL: https://sharedid.org/
Title: Sharedid

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=online.grand.app
Title: INSTALIRAJ

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/gSsheYhXYKwNejYF9/NfSyfxPKzJuosYyGC?pv=96355c76-8dc5-4e3c-8f60-f7f8a35d5942&gdpr=2

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/gSsheYhXYKwNejYF9/NfSyfxPKzJuosYyGC?cb1653041507878
Title: U ova tri znaka se rađaju NAJGORE SVEKRVE! Njima ne treba razlog da bi vam zagorčale život

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/27FdEYDe2RZacmdS6/NfSyfxPKzJuosYyGC?cb1653041507878

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/LsixX4ZWk9x6hDA6o/NfSyfxPKzJuosYyGC?cb1653041507878

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/PvnCbzsnnqatp69Na/NfSyfxPKzJuosYyGC?cb1653041507878

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/qn2KA42m6gC8NzCZE/NfSyfxPKzJuosYyGC?cb1653041507878

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/oXjx3Gq4mgizXFXCC/NfSyfxPKzJuosYyGC?cb1653041507878

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/JKGqAd2XxHCA3sB4e/NfSyfxPKzJuosYyGC?cb1653041507878

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/BBBGx84g5HQvMShEs/NfSyfxPKzJuosYyGC?cb1653041507878

Search URL Search Domain Scan URL

URL: https://www.contentexchange.me/?utm_campaign=cex-widget&utm_source=ug&utm_medium=Grand%20Online%20-%20under%20categories%20-%20UM%20content
Title: Preporučuje Content Exchange

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/NHonnbrzdJPBa8kYX/rAKYT4L9qRLPdQr86?pv=96355c76-8dc5-4e3c-8f60-f7f8a35d5942&gdpr=2

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/NHonnbrzdJPBa8kYX/rAKYT4L9qRLPdQr86?cb1653041507877
Title: Novi posao Ševčenka: Došao u Ukrajinu na sastanak sa Zelenskim, skuplja novac

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/vqWfJNKupdNjquEBK/rAKYT4L9qRLPdQr86?cb1653041507877

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/whNavpRfo9c5GYyBo/rAKYT4L9qRLPdQr86?cb1653041507877

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/KzkjvbisETAshvSRo/rAKYT4L9qRLPdQr86?cb1653041507877

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/DMj9ymBLTwrtTunSJ/rAKYT4L9qRLPdQr86?cb1653041507877

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/dDfFe2KgQTx3zhPpj/rAKYT4L9qRLPdQr86?cb1653041507877

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/gD7sapRX8NA7RgGu5/rAKYT4L9qRLPdQr86?cb1653041507877

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/Dybcw2Xf9N4ATgScm/rAKYT4L9qRLPdQr86?cb1653041507877

Search URL Search Domain Scan URL

URL: https://www.contentexchange.me/?utm_campaign=cex-widget&utm_source=ug&utm_medium=Grand%20Online%20-%20under%20article%20-%20UM%20content
Title: Preporučuje Content Exchange

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ZvezdeGrandaPrva

Search URL Search Domain Scan URL

URL: https://twitter.com/Zvezde_Granda

Search URL Search Domain Scan URL

URL: https://www.instagram.com/zvezdegranda/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ZvezdeGrandaVIPPER

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://grand.online/ HTTP 301
https://grand.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 107

https://dmp.adform.net/serving/cookie/match?party=1219&cid=6287698dde5ad701f8ee206a&redirect=https://match.contentexchange.me/adform/__ADFUID__ HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1219&cid=6287698dde5ad701f8ee206a&redirect=https://match.contentexchange.me/adform/__ADFUID__ HTTP 302
https://match.contentexchange.me/adform/2642475688712310473

Request Chain 121

https://gars.hit.gemius.pl/_1653041549401/rexdot.js?l=100&id=bPqQ_we3dyIIzwyHbWqNX4XCXfZFjQeBKE3jOoyK9Xf.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgrand.online%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=pee1WflcFbt_wjNZv4rKgHqzUhGL6RZTWoiEmGLISSj..78BkuiCe1AgmyUALmS7WnJun6xmRxoUC0RKNUmJUJmkP71U/UTjvkKUAaMOkw/&ltime=287&fpdata=UtHK3ZTlklKd7y2chJ211JlcqSRlgCcUIVlkz35CQR7.E7&fpcap= HTTP 301
https://gars.hit.gemius.pl/__/_1653041549401/rexdot.js?l=100&id=bPqQ_we3dyIIzwyHbWqNX4XCXfZFjQeBKE3jOoyK9Xf.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgrand.online%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=pee1WflcFbt_wjNZv4rKgHqzUhGL6RZTWoiEmGLISSj..78BkuiCe1AgmyUALmS7WnJun6xmRxoUC0RKNUmJUJmkP71U/UTjvkKUAaMOkw/&ltime=287&fpdata=UtHK3ZTlklKd7y2chJ211JlcqSRlgCcUIVlkz35CQR7.E7&fpcap=

Request Chain 181

https://oajs.openx.net/esp?url=https%3A%2F%2Fgrand.online%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fgrand.online%2F&rid=esp&cc=1

Request Chain 186

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMwYgf_1Mj-W1RQARSr_Vk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMwYgf_1Mj-W1RQARSr_Vk&google_cver=1&C=1

Request Chain 187

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YodpjnDv.PWmY7QlIcuZHwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFDNIbzfmjRIwlAcfo6vX5I&google_cver=1&google_hm=2

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPeg7mAT0E5ZFTKfpZJXFpo&google_cver=1

Request Chain 189

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEzNTc3ODk2OTkzNjg5NzM0OA%3D%3D

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMwYgf_1Mj-W1RQARSr_Vk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMwYgf_1Mj-W1RQARSr_Vk&google_cver=1&C=1

Request Chain 191

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YodpjvAyMhGNQAO-.CkeiwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFDNIbzfmjRIwlAcfo6vX5I&google_cver=1&google_hm=2

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPeg7mAT0E5ZFTKfpZJXFpo&google_cver=1

Request Chain 193

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEzNTc3ODk2OTkzNjg5NzM0OA%3D%3D

Request Chain 195

https://sync2.adnetwork.agency/image?pbjs=1 HTTP 302
https://sync2.adnetwork.agency/42e07a438e71ad07eabd104f7c353355.gif?gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=[COPPA] HTTP 302
https://match.contentexchange.me/dsp/?redirect_url=https://sync1.adnetwork.agency/dmp/sync/bex HTTP 301
https://sync1.adnetwork.agency/dmp/sync/bex?external_id=6287698dde5ad701f8ee206a

Request Chain 203

https://gum.criteo.com/sid/json?origin=publishertagids&domain=grand.online&sn=ChromeSyncframe&so=0&topUrl=grand.online&cw=1&lsw=1&topicsavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=1_4g8Xxwc3EzbjRSWWRNVU01QzNXYkxZbm9XWjFFeVd2alNWYlI4cHc3S1JldmM0eDhNbjFPb0ZkbG9DZGwyMWpVVFF3d3F3MFRVWGZlL0EwZlhnOHIrbjNRdkNsVlo5R0RhOWlNVSswTllBdkdQVXladmxsbjdsbUYveUhqUmhRL3VObWxCakxZY1dlUENKdWE2MkNoTkRDUlFkR01ESVVsKzQxamd6ODVEUGl2T2FldEJMeWl1ZWxwbGs1bHNXMEQyVVlwUTY4UThBcW1Pczk0ZWFSVnAzbGdkdXN2Z3lhUC91anFVcHRLYVRkYUVlTUlyS1RSVEx3V0tBa2hEUFZ1NTEzL0lhYUluS0lqSVVUMTFGck4rUkUwdz09fA&cppv=2

Request Chain 246

https://gcdn.2mdn.net/videoplayback/id/094d2713b5919804/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684577550/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/A958222C8443622D5578AE7D66AB17F411692FAC.7CD848AA94F251298924FB96E624CD0A851BDFA9/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5e6nze.c.2mdn.net/videoplayback/id/094d2713b5919804/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684577550/sparams/acao,ctier,expire,hcs,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,source/signature/823D519CFD6E628E71A7FE6A87B4DEB77E168198.3BF81FBA3C7273040555B5AAA82902AE72931F6F/key/cms1/cms_redirect/yes/hcs/ir/mh/3c/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5e6nze/ms/onc/mt/1653040410/mv/u/mvi/1/pl/52/rmhost/r3---sn-4g5e6nze.c.2mdn.net/file/file.mp4

310 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
grand.online/
Redirect Chain

http://grand.online/
https://grand.online/

110 KB
19 KB

293ms
119ms

Document
text/html

5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: e35e8b297de9d3031dbf4f4bbbadca673a9503f00d6cc3e65212daefaa566221

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 20 May 2022 10:12:28 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 184
Content-Type: text/html
Date: Fri, 20 May 2022 10:12:28 GMT
Location: https://grand.online/
Server: nginx/1.8.1

GET
H/1.1 200
OK jquery-1.11.0.min.js Show response
grand.online/resources/vendor/ 94 KB
95 KB 59ms
59ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/jquery-1.11.0.min.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"1787d-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 96381

GET
H/1.1 200
OK jquery.easing-1.3.min.js Show response
grand.online/resources/vendor/ 3 KB
4 KB 173ms
59ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/jquery.easing-1.3.min.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 0eafb86acbeeb215be57085c7a657f00a5d3d678c38721759afcd79c7fe7e30a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"d6c-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 3436

GET
H/1.1 200
OK modernizr.custom.17475.js Show response
grand.online/resources/vendor/ 9 KB
9 KB 176ms
62ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/modernizr.custom.17475.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 15944a76cccc83b3f5385317a2494b26c0e6c4bdb1514e5b8b889cfdd294b713

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"23d3-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 9171

GET
H2 200 5f85aef32f8be553873579ef Show response
analytics.contentexchange.me/bex/load/ 5 KB
2 KB 171ms
53ms Script
text/javascript 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.contentexchange.me/bex/load/5f85aef32f8be553873579ef
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: 53214c5f75dc1c9417b5e7225fcaa6b3d0968579b13e640bdeeda9131124ff42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:28 GMT
content-encoding: gzip
server: nginx/1.16.1
content-type: text/javascript; charset=utf-8

GET
H2 200 5e72229c5a2877477058608a Show response
analytics.contentexchange.me/bex/load/ 5 KB
2 KB 173ms
55ms Script
text/javascript 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.contentexchange.me/bex/load/5e72229c5a2877477058608a
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: 27e04b1053f86860cd1976718facd34944c343aa5f81802892f18fd3f8aa0bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:29 GMT
content-encoding: gzip
server: nginx/1.16.1
content-type: text/javascript; charset=utf-8

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 96 KB
29 KB 210ms
40ms Script
application/javascript 2a02:26f0:1700:11::b856:6785
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:11::b856:6785 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fae0b8f255ca326bdbbafdffae74342b6eac771ef68a71072ec1eacb70dcd39a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:29 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 08:34:39 GMT
etag: "35be1ac8ff68d81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=749
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges: bytes
content-length: 29783
expires: Fri, 20 May 2022 10:24:58 GMT

GET
H/1.1 200
OK style.css
grand.online/resources/icon/ 8 KB
2 KB 171ms
59ms Stylesheet
text/css 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/icon/style.css
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: cd7288102e2f4549609d9f8abbe723dbf6343e7dd70affdc1f3cfc92b0796b05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"1f56-17076b7b1b8"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK style.css
grand.online/resources/css/ 169 KB
27 KB 236ms
123ms Stylesheet
text/css 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/css/style.css
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 57369f643f1fba58cb7454e7287f2613af75c97e79b627d747211fbcbd4c16e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Mar 2022 23:10:10 GMT
Server: nginx
ETag: W/"2a29b-17f858bdc50"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 css
fonts.googleapis.com/ 24 KB
2 KB 129ms
45ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97d9589325e5fe0bf92bd3798ea970cb4e6744353ae88490bb13c88b9bd9324a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 May 2022 09:35:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 20 May 2022 10:12:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 May 2022 10:12:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
649 B 137ms
53ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89ac9ac9042c7ef410ab439837b270dd2dd9f6c545d9383ea8969a35c945cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 May 2022 08:13:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 20 May 2022 10:12:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 May 2022 10:12:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
29 KB 144ms
58ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

c92a4a5ceadffb016174565303c073aeaaaebb16c86bc772799bce0c6bbeb6c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29184
x-xss-protection: 0
server: sffe
etag: "1220 / 707 of 1000 / last-modified: 1652997942"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 20 May 2022 10:12:28 GMT

GET
H/1.1 200
OK register.js Show response
grand.online/resources/js/ 5 KB
5 KB 179ms
66ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/js/register.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 172e2246438b6eff65e86e6ce41fd12720f6a2139acc1b555f93c8c87e1d2af8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Last-Modified: Mon, 24 Feb 2020 10:22:04 GMT
Server: nginx
ETag: W/"121b-17076b7d4e0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 4635

GET
H/1.1 200
OK pass-recovery.js Show response
grand.online/resources/js/ 4 KB
5 KB 229ms
58ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/js/pass-recovery.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 0772ef06c910ba5884b31a93d70b53c1a00c50b0d4293da1fba18ce4553d8126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"111c-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 4380

GET
H/1.1 200
OK top-bar-logo.svg
grand.online/resources/img/ 2 KB
2 KB 153ms
58ms Image
image/svg+xml 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/resources/img/top-bar-logo.svg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 7f214d089806ff1a20e2cf6022b7a46766a8bb7ac1602781db3ad879fdf9acb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"751-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1873

GET
H/1.1 200
OK top-bar-logo-gray.svg
grand.online/resources/img/ 2 KB
2 KB 59ms
58ms Image
image/svg+xml 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/resources/img/top-bar-logo-gray.svg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 35f1bd33cae1c3679f2d59efad596b94c02482de4a8e978d37bdebd95b2a17c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"751-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1873

GET
H/1.1 200
OK sanja_levo.jpg
grand.online/resources/img/banners/zvezde-granda/ 126 KB
126 KB 59ms
58ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/resources/img/banners/zvezde-granda/sanja_levo.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: df735c0cbff6fdac8d3c64ef35cd214c28ab2cfd4ee329cb9a55c23869bac3c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Sun, 29 Nov 2020 15:26:51 GMT
Server: nginx
ETag: W/"1f683-176149d2278"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 128643

GET
H/1.1 200
OK voja_desno.jpg
grand.online/resources/img/banners/zvezde-granda/ 130 KB
131 KB 59ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/resources/img/banners/zvezde-granda/voja_desno.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 4e931a6c65d3eb9699217179250fd1b38dd010b4fc02b84cb0acca98614323ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Sun, 29 Nov 2020 15:26:52 GMT
Server: nginx
ETag: W/"20964-176149d2660"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 133476

GET
H/1.1 200
OK 496aa05d8f56a648468295e31f78d54d19d24fdd.jpg
grand.online/uploaded/files/ 86 KB
86 KB 59ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/496aa05d8f56a648468295e31f78d54d19d24fdd.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 2fdf4489187268b3cd47a54f23214867aec9a39908818647e40263136c6f8914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Wed, 18 May 2022 12:02:32 GMT
Server: nginx
ETag: W/"157b4-180d70c5931"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 87988

GET
H/1.1 200
OK 7fb68324fe94ed6f4a54e1cc27d16bc2c0c08b69.jpg
grand.online/uploaded/files/ 204 KB
204 KB 115ms
115ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/7fb68324fe94ed6f4a54e1cc27d16bc2c0c08b69.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 086131e69c0bca621baf47330f1f9d809bdda02344355fb32044a3769a28a624

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Fri, 20 May 2022 08:53:21 GMT
Server: nginx
ETag: W/"32fb1-180e0abdc0e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 208817

GET
H/1.1 200
OK 568d6b6b060699423589b5dfdeb760ea1219daac.jpg
grand.online/uploaded/files/ 165 KB
166 KB 60ms
60ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/568d6b6b060699423589b5dfdeb760ea1219daac.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: b9f1cadf29bcf6a24ce165552be9121d9c2e80a98ff3020a90d12021c0730b80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Fri, 20 May 2022 08:20:28 GMT
Server: nginx
ETag: W/"294f0-180e08dc202"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 169200

GET
H/1.1 200
OK 90a87c5ff8814b68e092f9ed849272bf61e86de8.jpg
grand.online/uploaded/files/ 48 KB
49 KB 59ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/90a87c5ff8814b68e092f9ed849272bf61e86de8.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 878605f192b95f9a0a7e129cc3cc1dcf7a2754eab3601cf5d00f7ddbb81bf96d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Fri, 20 May 2022 07:56:24 GMT
Server: nginx
ETag: W/"c156-180e077b8fc"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 49494

GET
H/1.1 200
OK d75b96e2c39646ea8047a6efdb5a9bff08458305.jpg
grand.online/uploaded/files/ 35 KB
36 KB 68ms
68ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/d75b96e2c39646ea8047a6efdb5a9bff08458305.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: e3654f353d5f99c929dcbc6cd5d028fd054c4cd800bd97df26658530a56a17bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Thu, 19 May 2022 08:12:59 GMT
Server: nginx
ETag: W/"8dfe-180db608b7f"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 36350

GET
H/1.1 200
OK 1281de9053e9a5624fabb321e47bc35984db204d.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
2 KB 129ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/1281de9053e9a5624fabb321e47bc35984db204d.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 8fc7507602c37c5bfee8bb08ceda0b99d0ddf72c54a0c6c46dd6b54dac40f1ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Sun, 15 May 2022 21:33:52 GMT
Server: nginx
ETag: W/"67c-180c9a4586c"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1660

GET
H/1.1 200
OK fe21593bd428f50d50c5fdb2ae11acef3edb5b64.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
3 KB 152ms
58ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/fe21593bd428f50d50c5fdb2ae11acef3edb5b64.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 31b4ba20cc14a0ceca4e0f21c01d61ddd2de674d58742e2c4240e51553f1d54c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Sat, 14 May 2022 09:30:42 GMT
Server: nginx
ETag: W/"834-180c1e7e6b0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2100

GET
H/1.1 200
OK c11efb27c6344e38bc66cc6a3be960ad3efb1393.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
2 KB 137ms
61ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/c11efb27c6344e38bc66cc6a3be960ad3efb1393.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: d0441413e84c482c0033f6a02f2a0aca73fa49c58852a05cbb279c036b0fb770

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Tue, 17 May 2022 08:45:07 GMT
Server: nginx
ETag: W/"6b5-180d13141a1"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1717

GET
H/1.1 200
OK 158f56b2265c3d6cc0d73bd0aaec43ebb021249b.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
3 KB 189ms
58ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/158f56b2265c3d6cc0d73bd0aaec43ebb021249b.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 46533138ce94f0f5d3aad59d001a3985ef36d39c626a878f6cbb8915fb7760b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 16 May 2022 15:18:52 GMT
Server: nginx
ETag: W/"85a-180cd7362e0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2138

GET
H/1.1 200
OK 45a570a52bbaefd8de663e417e7aeb609b18cbcb.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
2 KB 94ms
76ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/45a570a52bbaefd8de663e417e7aeb609b18cbcb.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 50d6df7b3221685d092249c14f86481689b29994fc912b2f10554f4fff1eeeaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Last-Modified: Thu, 19 May 2022 16:11:50 GMT
Server: nginx
ETag: W/"72a-180dd16f42e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1834

GET
H/1.1 200
OK 7ca89abc370754dbf4ac73b05aa00df289ff922c.jpg
grand.online/uploaded/files/thumbnail/ 3 KB
3 KB 93ms
69ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/7ca89abc370754dbf4ac73b05aa00df289ff922c.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: fb8f89b99981d538e19e0e3fc2511afa4c227177011dc76c8e5735d4e689fe19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Last-Modified: Sun, 15 May 2022 14:04:44 GMT
Server: nginx
ETag: W/"b57-180c80925de"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2903

GET
H/1.1 200
OK 5469e6f36917d795cb4c956125eaa52a1bb24ac9.jpg
grand.online/uploaded/files/thumbnail/ 3 KB
3 KB 130ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/5469e6f36917d795cb4c956125eaa52a1bb24ac9.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 799d2141fefa365654212eb720f7326886b4a6586e88cc38b974144d202fee4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 16 May 2022 12:58:19 GMT
Server: nginx
ETag: W/"a9a-180ccf2b4ee"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2714

GET
H/1.1 200
OK 430456f1ab491276ad5660a39f84801a78ec23c8.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
3 KB 122ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/430456f1ab491276ad5660a39f84801a78ec23c8.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: bb78aaaf7eb9bbb3df028bfcba8fcce6d9db654085b898b75934e38e73757089

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Sat, 14 May 2022 07:11:46 GMT
Server: nginx
ETag: W/"86a-180c168b69e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2154

GET
H/1.1 200
OK f5f21333a44dc61909c11e33aede42a8b7db5314.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
2 KB 97ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/f5f21333a44dc61909c11e33aede42a8b7db5314.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 8cf55fd0c497d122a37fab46f15df131d74b0a098600328e59d6026736f11f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Fri, 13 May 2022 20:09:54 GMT
Server: nginx
ETag: W/"760-180bf0abf72"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1888

GET
H/1.1 200
OK 916ccba3ef6a4e48049cda5a65d595dd8db99a98.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
2 KB 59ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/916ccba3ef6a4e48049cda5a65d595dd8db99a98.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 60c2543b4a8317b497c60da4ce3ace29bfbb372caedb091c8f52d124b0a5dff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Fri, 13 May 2022 11:41:23 GMT
Server: nginx
ETag: W/"6f5-180bd392f4f"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1781

GET
H/1.1 200
OK 45587a186e73caec70491cf58e239abf8897f3a2.jpg
grand.online/uploaded/files/ 122 KB
123 KB 60ms
60ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/45587a186e73caec70491cf58e239abf8897f3a2.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: e5ba265212313351bd9bda067111fd607a29d0d24f3aba37f968f8ce845d1b22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Thu, 19 May 2022 14:25:58 GMT
Server: nginx
ETag: W/"1e8d0-180dcb605e6"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 125136

GET
H/1.1 200
OK 65584de8e80592318848c62343928012b41bde5d.jpg
grand.online/uploaded/files/ 109 KB
110 KB 59ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/65584de8e80592318848c62343928012b41bde5d.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 814350cb80eace8c285085c51b4cfa32ea2571d9894beb272a2b8fbf35f19cd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Thu, 19 May 2022 12:36:56 GMT
Server: nginx
ETag: W/"1b5d9-180dc5233e5"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 112089

GET
H/1.1 200
OK 244fa2549e1de77d4c648c43779f0d10cc187a13.jpg
grand.online/uploaded/files/ 91 KB
92 KB 59ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/244fa2549e1de77d4c648c43779f0d10cc187a13.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: c2990915dc77b7e79a1b72e91b29f88e3966ee113fb6fb4bfb62ef4d72bc3a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Thu, 19 May 2022 17:06:33 GMT
Server: nginx
ETag: W/"16ce0-180dd4909b7"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 93408

GET
H/1.1 200
OK 37d52ef88213bde608651867b91b5b8eba036f34.jpg
grand.online/uploaded/files/ 113 KB
113 KB 60ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/37d52ef88213bde608651867b91b5b8eba036f34.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 490c42902a0c584b107ccc1d907344ae812e940884bda23faa0cf3afdb1a1f67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Thu, 19 May 2022 14:42:42 GMT
Server: nginx
ETag: W/"1c3ef-180dcc55a33"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 115695

GET
H/1.1 200
OK f559a48023023f388a2f2c835824b9255458c02a.jpg
grand.online/uploaded/files/ 167 KB
167 KB 60ms
60ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/f559a48023023f388a2f2c835824b9255458c02a.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 680e45e0a3c168189215b10f80ca91da49e634f4f7ac78ef653a393fa02c30f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Thu, 19 May 2022 19:05:21 GMT
Server: nginx
ETag: W/"29bb8-180ddb5d01e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 170936

GET
H/1.1 200
OK 2000695bbcf045c62dd919e4a46cd83895c48f94.jpg
grand.online/uploaded/files/ 76 KB
76 KB 60ms
60ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/2000695bbcf045c62dd919e4a46cd83895c48f94.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: fe764d80ffd7489519ea32b5eca9e4ef0bd239717448a8148de07398e1c5cf0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Thu, 19 May 2022 19:12:55 GMT
Server: nginx
ETag: W/"12fc1-180ddbcbc00"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 77761

GET
H/1.1 200
OK 30328d6a87717e4eb48618271a1f8e7e5dd61f79.jpg
grand.online/uploaded/files/ 136 KB
137 KB 60ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/30328d6a87717e4eb48618271a1f8e7e5dd61f79.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 31e2fe6b0c266793f7578d5f5bd8718c23432f6c12c4f9f299d55507d793e4a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Thu, 19 May 2022 18:20:53 GMT
Server: nginx
ETag: W/"22102-180dd8d19e3"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 139522

GET
H/1.1 200
OK 8fbde88e280a52a8216df7d97363736be2696d54.jpg
grand.online/uploaded/files/ 140 KB
140 KB 60ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/8fbde88e280a52a8216df7d97363736be2696d54.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 9a24017b5ad0098ae39fe0dbf3969aa331286d0c03cf61747322bfc507042487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Thu, 19 May 2022 17:20:45 GMT
Server: nginx
ETag: W/"22f6c-180dd560bd0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 143212

GET
H/1.1 200
OK c4696c2a020de99a73304b7fa66ce1396035cdff.jpg
grand.online/uploaded/files/ 114 KB
114 KB 60ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/c4696c2a020de99a73304b7fa66ce1396035cdff.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 0ee0b7b434eb5d5d727aba90b6e47dc168a3c7b4c582f3ab5e6aeb63d42fe107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Thu, 19 May 2022 16:56:03 GMT
Server: nginx
ETag: W/"1c803-180dd3f6e52"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 116739

GET
H/1.1 200
OK d83fd254748eaeabbb6facb28441647c20153c5c.jpg
grand.online/uploaded/files/ 42 KB
42 KB 67ms
66ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/d83fd254748eaeabbb6facb28441647c20153c5c.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 44e23777b032aed035f2f95503061a68f0d9c7e59372e2f8254e1513511719c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Thu, 19 May 2022 16:41:27 GMT
Server: nginx
ETag: W/"a6f2-180dd320eec"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 42738

GET
H/1.1 200
OK efdb113ed8c3c8f9fa0d5d52505ae9a192b6eedd.jpg
grand.online/uploaded/files/ 91 KB
92 KB 59ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/efdb113ed8c3c8f9fa0d5d52505ae9a192b6eedd.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 3a49cc14bb89463195fb38208d74f8dc42ef35f4e31db6cc47fd449eb1cf2f0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Tue, 09 Nov 2021 14:27:29 GMT
Server: nginx
ETag: W/"16c84-17d0518c770"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 93316

GET
H/1.1 200
OK c49883096e1fd5c00fa9c74dbb3816ba893ddb7e.jpg
grand.online/uploaded/files/ 76 KB
77 KB 263ms
263ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/c49883096e1fd5c00fa9c74dbb3816ba893ddb7e.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 5196b3aac9fb9b1c37b8d3c5c0d30c61c683d742b41dd1ebd4ce10a179437fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 04 Oct 2021 14:28:36 GMT
Server: nginx
ETag: W/"131b6-17c4bb4ddd1"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 78262

GET
H/1.1 200
OK ae21b4629e4a7656c1066be03577b8223a6e5738.jpg
grand.online/uploaded/files/ 77 KB
78 KB 63ms
63ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/ae21b4629e4a7656c1066be03577b8223a6e5738.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 9fc41ab218a9c82ec669010c33d41ee7bed29cb75771c004b0e8fbcdd9632468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Thu, 23 Sep 2021 13:00:48 GMT
Server: nginx
ETag: W/"135ee-17c12be86e3"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 79342

GET
H/1.1 200
OK b2d2cf009d9dbc95e53656496c1aeb4ad11d07df.jpg
grand.online/uploaded/files/ 129 KB
130 KB 60ms
60ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/b2d2cf009d9dbc95e53656496c1aeb4ad11d07df.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 533608fb61d63d334653a5076d7fc949c17bbf33bf8219e21dbfa650a25133ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Thu, 23 Sep 2021 13:17:52 GMT
Server: nginx
ETag: W/"20497-17c12ce2741"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 132247

GET
H/1.1 200
OK a67d5afa3e4e23b9a42f76393615efebe3dc4ec4.jpg
grand.online/uploaded/files/ 40 KB
40 KB 73ms
73ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/a67d5afa3e4e23b9a42f76393615efebe3dc4ec4.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: a0d5c3ccdcf05c44686b3628a8eec5c79c3e5caf044aca9b1a7453e05c3d3e0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Tue, 21 Sep 2021 09:02:13 GMT
Server: nginx
ETag: W/"9e9a-17c079761ef"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 40602

GET
H/1.1 200
OK 7efd92f71e3fa7e137737f13058a045e1899c4cb.jpg
grand.online/uploaded/files/ 102 KB
102 KB 72ms
72ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/7efd92f71e3fa7e137737f13058a045e1899c4cb.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: e3c0b96b9699ffd83e2f5ba5b66427a3db71787bae77fd8df7a6f4cc7e2121a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 20 Sep 2021 13:45:06 GMT
Server: nginx
ETag: W/"19677-17c03740053"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 104055

GET
H/1.1 200
OK 903af6b7b756c3a388290539feb19babe19f88da.jpg
grand.online/uploaded/files/ 48 KB
48 KB 61ms
60ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/903af6b7b756c3a388290539feb19babe19f88da.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: ae65271b9235f8c51c351d51f65c49a99eccc5a1d51633d6bf57f5182acafdfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Fri, 17 Sep 2021 12:13:03 GMT
Server: nginx
ETag: W/"be5f-17bf3aca5e6"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 48735

GET
H/1.1 200
OK 7fa71cf4302c7f08e423da306ca36d976b342e29.jpg
grand.online/uploaded/files/ 121 KB
121 KB 70ms
70ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/7fa71cf4302c7f08e423da306ca36d976b342e29.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 57297a89d38d2df491eee1c859dd55e415ecdb0a27b3441a89a8939398756771

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 13 Sep 2021 10:55:09 GMT
Server: nginx
ETag: W/"1e3a6-17bdecbe52f"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 123814

GET
H/1.1 200
OK b8e1bd7d1fde8fc94bb6f590f46f010be96cf8ce.jpg
grand.online/uploaded/files/ 49 KB
49 KB 110ms
109ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/b8e1bd7d1fde8fc94bb6f590f46f010be96cf8ce.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 4f073067d2773f2ed0efa7d4c04e75e21a5318f107fe73699063eec5a2704fd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Wed, 21 Jul 2021 12:31:11 GMT
Server: nginx
ETag: W/"c3a1-17ac90c696a"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 50081

GET
H/1.1 200
OK 2ee7d2e36f31eecd795fb9e5c66ca6b4632bc3ee.jpg
grand.online/uploaded/files/ 137 KB
137 KB 91ms
91ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/2ee7d2e36f31eecd795fb9e5c66ca6b4632bc3ee.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: ce3cfcdef35db3505e95a6d25e8bee74fc75ee0f67c1832dd40ae14566d0458a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Tue, 20 Jul 2021 17:05:19 GMT
Server: nginx
ETag: W/"2234a-17ac4e1074f"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 140106

GET
H/1.1 200
OK 0c9534fe02f7bdbbc1ebe9fdefc08d9d2667033f.jpg
grand.online/uploaded/files/ 164 KB
164 KB 92ms
91ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/0c9534fe02f7bdbbc1ebe9fdefc08d9d2667033f.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 1f9c84b6481c69fc620215604fb605b4c7503e2f3addc9f68d1ddc30a41da422

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 19 Jul 2021 10:20:14 GMT
Server: nginx
ETag: W/"28e1f-17abe47cbbb"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 167455

GET
H/1.1 200
OK 2fccd089f05e73c8dc0bf1c951b97ee3f6fd0c50.jpg
grand.online/uploaded/files/ 84 KB
84 KB 148ms
148ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/2fccd089f05e73c8dc0bf1c951b97ee3f6fd0c50.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 7fa8a6bcca3dacc9cb960b9e0b828938dc0aba7a2be197b629a1b11766b9fe49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 19 Jul 2021 10:15:15 GMT
Server: nginx
ETag: W/"14e2c-17abe433d68"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 85548

GET
H/1.1 200
OK 66983c08ef3a69d90656308634d99cd80c91a44a.jpg
grand.online/uploaded/files/ 26 KB
26 KB 60ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/66983c08ef3a69d90656308634d99cd80c91a44a.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 5b21e5b0c82489be94a4b50e4543ce6b35bad3526dcaf0a7e220cc5ab01a0013

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Thu, 08 Jul 2021 10:58:35 GMT
Server: nginx
ETag: W/"6815-17a85c4f3a3"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 26645

GET
H/1.1 200
OK b9c89b1f871b3d31762b8f9137805e6804361a95.jpg
grand.online/uploaded/files/ 123 KB
123 KB 60ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/b9c89b1f871b3d31762b8f9137805e6804361a95.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: e8bd46f6d1400c67a5cd3b65cb72ba04e0b4dc8aa5d5521f74a1e2a0c6f656a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 05 Jul 2021 15:46:05 GMT
Server: nginx
ETag: W/"1ea37-17a77591a00"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 125495

GET
H/1.1 200
OK 77961c965c4b971788e7393e008be45b27a8cb8e.jpg
grand.online/uploaded/files/ 139 KB
140 KB 60ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/77961c965c4b971788e7393e008be45b27a8cb8e.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 4daee49ee6cecd1bf9e92fad93c6c9c85e1da15691220060e0c7d92b2ff6b1a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 05 Jul 2021 17:26:48 GMT
Server: nginx
ETag: W/"22cfa-17a77b54e60"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 142586

GET
H/1.1 200
OK f1e46852f65359e84731638749ceb4533ccad9d1.jpg
grand.online/uploaded/files/ 180 KB
181 KB 59ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/f1e46852f65359e84731638749ceb4533ccad9d1.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 77b8581a4bb29e43dbf4b4e86c8a99fde8b099fcd46976604ec355c1adb58e6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 16 May 2022 07:34:19 GMT
Server: nginx
ETag: W/"2d0bd-180cbca1212"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 184509

GET
H/1.1 200
OK 279310712a682441d626dfd6111203b926e4d5b7.jpg
grand.online/uploaded/files/ 240 KB
240 KB 60ms
60ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/279310712a682441d626dfd6111203b926e4d5b7.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 3ca8f9a8210bc6b71624e8a90888498aa627346a3d4ca0f711e79e73e6328bbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Sun, 01 May 2022 07:46:58 GMT
Server: nginx
ETag: W/"3bf85-1807e964272"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 245637

GET
H/1.1 200
OK 41d693d26693a51a139d16b573f7bdba6d5d3a0e.jpg
grand.online/uploaded/files/ 257 KB
258 KB 61ms
60ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/41d693d26693a51a139d16b573f7bdba6d5d3a0e.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: f26cbeecf910e06ba7ed31d1bf8d01c6d8195088451f626cff5bc3cefd0262d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 25 Apr 2022 09:44:54 GMT
Server: nginx
ETag: W/"40539-180601c12fe"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 263481

GET
H/1.1 200
OK 6b158433467ad0feac186dd5477fa256847abb1e.jpg
grand.online/uploaded/files/ 221 KB
222 KB 71ms
71ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/6b158433467ad0feac186dd5477fa256847abb1e.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 541d57d00e3a0e69772bb15b9fe9d74aabc46e8a118770bdaecded859c79ca28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 11 Apr 2022 07:19:56 GMT
Server: nginx
ETag: W/"3744a-180177e54ac"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 226378

GET
H/1.1 200
OK c3667574cd147fd4f986cbfd77fe9f6d6f993a0a.jpg
grand.online/uploaded/files/ 256 KB
257 KB 60ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/c3667574cd147fd4f986cbfd77fe9f6d6f993a0a.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: bec88eebe3e74cf703e75d985c2fbed93b84956c4b9161c7dbc1cb39ea299c78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Sun, 27 Mar 2022 07:18:29 GMT
Server: nginx
ETag: W/"401c2-17fca3d99f9"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 262594

GET
H/1.1 200
OK 7a5794fee33f1325bdce418d410a68c573f443b1.jpg
grand.online/uploaded/files/ 230 KB
230 KB 60ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/7a5794fee33f1325bdce418d410a68c573f443b1.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: aca07c1ff13e6a8a82a83f2f405c95a765afc312d8dd691e07fa1381233a5626

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 14 Mar 2022 08:34:26 GMT
Server: nginx
ETag: W/"3973e-17f879077bf"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 235326

GET
H/1.1 200
OK 3d3db1022ba0684929fcfb82bcf5d390f8605854.jpg
grand.online/uploaded/files/ 87 KB
87 KB 60ms
60ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/3d3db1022ba0684929fcfb82bcf5d390f8605854.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: d4efcb6ddae36dfb8c3b873fc81d9492479f82b360ce16c8ed7008f50443e24b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:30 GMT
Last-Modified: Sat, 12 Mar 2022 23:25:18 GMT
Server: nginx
ETag: W/"15b1b-17f80735d51"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 88859

GET
H/1.1 200
OK ef6846ebe00d13a625aa2f747b6b0561f2329799.jpg
grand.online/uploaded/files/ 274 KB
274 KB 67ms
61ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/ef6846ebe00d13a625aa2f747b6b0561f2329799.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 3fcf5ff4c2b9410c11cd576050ca42ab35d8710a26a06f5a2fe8ef4b21efb3ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:30 GMT
Last-Modified: Sun, 27 Feb 2022 09:12:00 GMT
Server: nginx
ETag: W/"44781-17f3a737763"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 280449

GET
H/1.1 200
OK c3f607e4acfce60d42f8d56a38b062a2f65514f8.jpg
grand.online/uploaded/files/ 238 KB
239 KB 60ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/c3f607e4acfce60d42f8d56a38b062a2f65514f8.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: fab10ef0b40c2e2da0973e0697903d144e8ef0e2de7096466d86b7b5312b8134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:30 GMT
Last-Modified: Sun, 20 Feb 2022 22:27:38 GMT
Server: nginx
ETag: W/"3b8d6-17f193f62a9"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 243926

GET
H/1.1 200
OK 38ecb1c9ae612cc1ecc9ae0a92f389030e1b9167.jpg
grand.online/uploaded/files/ 161 KB
161 KB 59ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/38ecb1c9ae612cc1ecc9ae0a92f389030e1b9167.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: ff9c62afbb0f39e487474bc9f1e286ed22c0999232a735ada869d5d03746496a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:30 GMT
Last-Modified: Mon, 07 Feb 2022 09:08:55 GMT
Server: nginx
ETag: W/"282c6-17ed371758d"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 164550

GET
H/1.1 200
OK a9cf3e337188fcbe988a5318d42c741302ecd58b.jpg
grand.online/uploaded/files/ 218 KB
219 KB 60ms
60ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/a9cf3e337188fcbe988a5318d42c741302ecd58b.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 5119f8380037c6b3abb9e14ee7d8fb84e4fd55794e38505dc73c198da07be53f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:30 GMT
Last-Modified: Sun, 06 Feb 2022 00:07:52 GMT
Server: nginx
ETag: W/"369f0-17ecc5bc32e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 223728

GET
H/1.1 200
OK 21584a44eb6fe8f3bc64296265500710a52cc048.jpg
grand.online/uploaded/files/ 179 KB
179 KB 60ms
60ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/21584a44eb6fe8f3bc64296265500710a52cc048.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 65f5314f04718a775463da7b30aa335077eaddc201a9d692c0ac4dbe54bd0f93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:30 GMT
Last-Modified: Sun, 23 Jan 2022 01:36:21 GMT
Server: nginx
ETag: W/"2ca38-17e8493bd7c"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 182840

GET
H/1.1 200
OK 98f2ba46d1ab0b3acb2246ab9a50a3e00af6b6fe.jpg
grand.online/uploaded/files/ 126 KB
127 KB 60ms
60ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/98f2ba46d1ab0b3acb2246ab9a50a3e00af6b6fe.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 3fb407f13924c5b7feec14a03619c2ca57f8044a5bbc872f79c96445e36ccf8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:30 GMT
Last-Modified: Sun, 16 Jan 2022 20:49:32 GMT
Server: nginx
ETag: W/"1f988-17e64a6fc43"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 129416

GET
H/1.1 200
OK 49a26d70cd3311b867ae6949f3aee5b0172429ea.jpg
grand.online/uploaded/files/ 63 KB
64 KB 63ms
61ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/49a26d70cd3311b867ae6949f3aee5b0172429ea.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 9756fc7cd3cc16345a37b7786decfc1b81252d208dad76c16819637c61e35a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:30 GMT
Last-Modified: Sun, 09 Jan 2022 22:26:02 GMT
Server: nginx
ETag: W/"fd4a-17e40f2d090"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 64842

GET
H/1.1 200
OK d4843d1030eb1edf24c7d2081d9488bedda5b26d.jpg
grand.online/uploaded/files/ 210 KB
211 KB 60ms
60ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/d4843d1030eb1edf24c7d2081d9488bedda5b26d.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 51c26a3db49cf606e3e0a8ec45e34eb119889ac6df2e51b62252058a94740097

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:30 GMT
Last-Modified: Sun, 26 Dec 2021 23:13:36 GMT
Server: nginx
ETag: W/"34818-17df905561f"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 215064

GET
H/1.1 200
OK m_f1e46852f65359e84731638749ceb4533ccad9d1.jpg
grand.online/uploaded/files/ 28 KB
28 KB 59ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/m_f1e46852f65359e84731638749ceb4533ccad9d1.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: f6e8410a5cea6d37c6a0409f05b7142509f0be16a705c2ce701f84b4b59e762c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:30 GMT
Last-Modified: Mon, 16 May 2022 07:34:19 GMT
Server: nginx
ETag: W/"6f26-180cbca1397"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 28454

GET
H/1.1 200
OK m_10ee11af5c14ba19d8a5d580ab2c83e74391a71a.jpg
grand.online/uploaded/files/ 20 KB
20 KB 91ms
59ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/m_10ee11af5c14ba19d8a5d580ab2c83e74391a71a.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: b431ad89535391a209aff578787562914a904f3d29a76ea5ff97b913ec66c23e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Fri, 06 Jan 2017 22:24:54 GMT
Server: nginx
ETag: W/"4f10-15975e27b27"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 20240

GET
H/1.1 200
OK m_dfce2f8bd91d78ae594b3a9baef2e029434caf3c.jpg
grand.online/uploaded/files/ 87 KB
88 KB 97ms
60ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/m_dfce2f8bd91d78ae594b3a9baef2e029434caf3c.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 7b5838872362fcb56b41e426cdb5073006164d97524ac44902f5749e1da20e56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 23 Apr 2018 12:06:45 GMT
Server: nginx
ETag: W/"15dd2-162f2662e6d"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 89554

GET
H/1.1 200
OK owl.carousel.js Show response
grand.online/resources/vendor/ 51 KB
52 KB 59ms
59ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/owl.carousel.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 1694434ab2c09bd57c2c84b62e49a1d4726645ca6c47e4c521dd4c9ce8bd1479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"cdf3-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 52723

GET
H/1.1 200
OK masonry.pkgd.min.js Show response
grand.online/resources/vendor/ 24 KB
24 KB 121ms
120ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/masonry.pkgd.min.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"5e27-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 24103

GET
H/1.1 200
OK jquery.viewportchecker.js Show response
grand.online/resources/vendor/ 3 KB
3 KB 65ms
65ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/jquery.viewportchecker.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 7ef666c3e4863dc99388d74784ece59a7d89412b8d9645544da01ab272aeaa14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"bcc-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 3020

GET
H/1.1 200
OK smoothscroll.js Show response
grand.online/resources/vendor/ 7 KB
8 KB 70ms
70ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/smoothscroll.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: ff8a921069f33402a4aa8ab5654d6c3d1027b7739e20b3eaddcbb6f80c67403a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"1c25-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 7205

GET
H/1.1 200
OK jquery.magnific-popup.min.js Show response
grand.online/resources/vendor/ 20 KB
20 KB 122ms
121ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/jquery.magnific-popup.min.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"4ef8-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 20216

GET
H/1.1 200
OK pie-chart.js Show response
grand.online/resources/vendor/ 5 KB
6 KB 63ms
62ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/pie-chart.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: a93319dfeca5cfffb65c42e156e2188e48db7f4e7126e105c594b7467bd6d7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"159a-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 5530

GET
H/1.1 200
OK jquery.colorbox.js Show response
grand.online/resources/vendor/ 28 KB
29 KB 112ms
59ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/jquery.colorbox.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: c5a310590b84ddb8c45b12b32267c95961a7fc4f7bbd13828113d00abfdd24b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"71f1-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 29169

GET
H/1.1 200
OK moment.min.js Show response
grand.online/resources/vendor/ 25 KB
26 KB 59ms
59ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/moment.min.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: fd4801631ecd42c3f5b571b88c10aa428968ec95ebef8856fa720a45201f6cb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"65c1-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 26049

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

78ms
37ms

Script
text/javascript

2a03:2880:f21c:81e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H3
Server: 2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 15:39:23 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Fri, 20 May 2022 10:12:29 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: odn
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK app.js Show response
grand.online/resources/js/ 14 KB
15 KB 59ms
59ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/js/app.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: cec39ec74b600cc736c68de3fbf6654d56da9a73537834d9118cd64d6234a4df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"3829-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 14377

GET
H/1.1 200
OK app.custom.js Show response
grand.online/resources/js/ 10 KB
11 KB 59ms
58ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/js/app.custom.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 22b04e027387848488dcd5c19bcca157d65915c425b481c65be1d7fd2ff9ff37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:29 GMT
Last-Modified: Sat, 09 Oct 2021 00:13:21 GMT
Server: nginx
ETag: W/"29a2-17c6265a4e8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 10658

GET
H2 200 tracker.js Show response
ug.contentexchange.me/static/ 6 KB
6 KB 186ms
49ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://ug.contentexchange.me/static/tracker.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

216920dcf855c0345269a347a7bebca5c0bee4407d70deb6f3dc48f014c5091d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: nginx/1.10.0 (Ubuntu)
date: Fri, 20 May 2022 10:11:47 GMT
content-type: text/javascript; charset=utf-8

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 155ms
45ms Script
application/x-javascript 2600:9000:2315:9800:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:9800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 04d64f65072f624d3a1c5c29b27f02e1d8c09aad3d1f7b1a2b86f200cdc883aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 08:23:01 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 00:08:30 GMT
server: nginx
age: 6568
etag: W/"625f4efe-8bf5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 0247123ccdc6a2a86167d7f4de30885a.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: -dAghBjMaFVq-kEA1vb_10dj0uY1c_N8ojTfBmOZUnpn6NtwIK6PLQ==
expires: Fri, 20 May 2022 10:23:01 GMT

GET
H2 200 xgemius.js Show response
gars.hit.gemius.pl/ 52 KB
14 KB 165ms
38ms Script
application/x-javascript 141.95.47.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gars.hit.gemius.pl/xgemius.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.95.47.70 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ns31479462.ip-141-95-47.eu
Software: GHC /
Resource Hash: 1b446bcae50da401465f47a793122285baf65f581395f515e743d5e70d33c4f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:29 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 10:55:58 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 14061
expires: Fri, 20 May 2022 22:12:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 126ms
44ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 313473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 19:07:55 GMT

GET
H/1.1 200
OK icomoon.ttf
grand.online/resources/icon/fonts/ 28 KB
28 KB 180ms
122ms Font
application/x-font-ttf 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/icon/fonts/icomoon.ttf?yk9l2o
Requested by: Host: grand.online
URL: https://grand.online/resources/icon/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: c0fc92a1d6ee5f49a6eb88bc8e41ef9e94cfdd2f8069f19a7c10c03751df163f

Request headers

Referer: https://grand.online/resources/icon/style.css
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:28 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"6e90-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/x-font-ttf
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 28304

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 134ms
56ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 322363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 16:39:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 150ms
85ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:29:20 GMT
x-content-type-options: nosniff
age: 337388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:29:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 189ms
125ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 17:12:10 GMT
x-content-type-options: nosniff
age: 320418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 17:12:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 158ms
99ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 13:40:17 GMT
x-content-type-options: nosniff
age: 333131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 13:40:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 166ms
108ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 13:49:13 GMT
x-content-type-options: nosniff
age: 332595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11796
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 13:49:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
12 KB 186ms
133ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2781e9e7c3f369b8fc7965e679b17b60b5b11eaae5da1e5045107bbdd9d568f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:40:52 GMT
x-content-type-options: nosniff
age: 322296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11756
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 16:40:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 192ms
139ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 21:35:52 GMT
x-content-type-options: nosniff
age: 304597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 21:35:52 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 115ms
37ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b4ac9ab8a0e2d104be38e05caceb07d2ccd1709bc97e5ceaf067bdd5cab2a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2YCDsjvdXqS5Hh08qtwagQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: CnEKSzIp2Pxe+OsMUGqACtAn8HAFahS6ycdRXdi0W/WaP4+83z8sdR3DGGsGHVO56cR6RtkPCQYMzAFKyxOvVw==
x-fb-trip-id: 686109401
x-fb-content-md5: 99f7214470c08593b056b8d3284e476e
x-frame-options: DENY
date: Fri, 20 May 2022 10:12:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ef120b1d2c20a0b174869f66c938197d"
timing-allow-origin: *
expires: Fri, 20 May 2022 10:20:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 146ms
117ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:56:04 GMT
x-content-type-options: nosniff
age: 335784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:56:04 GMT

GET
H2 200 5f85aef32f8be553873579ef Show response
analytics.contentexchange.me/bex/boot/ 37 KB
12 KB 53ms
53ms Script
text/javascript 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.contentexchange.me/bex/boot/5f85aef32f8be553873579ef?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=new
Requested by: Host: analytics.contentexchange.me
URL: https://analytics.contentexchange.me/bex/load/5f85aef32f8be553873579ef
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: cbf163bef3aff6ae661c0d52b6c104b4e510b263d35707d74a3cce1901e69e87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:29 GMT
content-encoding: gzip
server: nginx/1.16.1
etag: W/"6287698dde5ad701f8ee206a"
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate, no-store, no-cache
content-type: text/javascript; charset=utf-8

GET
H2 200 pubads_impl_2022051901.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
125 KB 37ms
37ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3366
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127573
x-xss-protection: 0
last-modified: Thu, 19 May 2022 08:36:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 May 2023 09:16:23 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 93 B
108 B 122ms
47ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=grand.online

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

fd852854b011e82c920073069e31f0ad76a933aa554413e936d26c8dd73d807a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83
x-xss-protection: 0
expires: Fri, 20 May 2022 10:12:29 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 292 KB
83 KB 78ms
38ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f1b34a652891c0c55511234bc4fd8c40

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe9a9c6a5ac3a7561f25bd9d9ac29ec47bf804de79c3cd9cd35225baf137f879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://grand.online/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jevs9Ier8p1EaoIMzvqJCA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85209
x-fb-rlafr: 0
x-fb-debug: 5jPiwBht9DUvcWCqfuEOrVUXJJ3hAwDEpRjlf9mrM7vwH+NujlvwcuG4FTWlhZcepwT/AgYTq6EWhE7oWFH4hA==
x-fb-content-md5: e4e21dce0cfb9e4330ba40903d1e9e0a
x-frame-options: DENY
date: Fri, 20 May 2022 10:12:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6814ae1671b9825b9a543bd2d0b2bf27"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 20 May 2023 09:18:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 82 KB
33 KB 131ms
48ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: analytics.contentexchange.me
URL: https://analytics.contentexchange.me/bex/boot/5f85aef32f8be553873579ef?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=new

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1608104cba710909d93dd0ab41046bd7b95680a98f63b09b1959224777384f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33060
x-xss-protection: 0
last-modified: Fri, 20 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 May 2022 10:12:29 GMT

GET
H2 200 storage.html Show response
analytics.contentexchange.me/bex/ Frame 2309 1 KB
631 B 51ms
51ms Document
text/html 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.contentexchange.me/bex/storage.html
Requested by: Host: analytics.contentexchange.me
URL: https://analytics.contentexchange.me/bex/boot/5f85aef32f8be553873579ef?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=new
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: 78526ac509a71a338fd7659197f80b4a153b6c4cdd4d61240511b78e47370834

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=31536000
content-encoding: gzip
content-type: text/html
date: Fri, 20 May 2022 10:12:29 GMT
server: nginx/1.16.1

GET
H2 200 collect
collector_sr.contentexchange.me/sr/ 43 B
259 B 161ms
49ms Image
image/gif 46.19.9.32
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://collector_sr.contentexchange.me/sr/collect?event=pageview&gdpr=2&pv=96355c76-8dc5-4e3c-8f60-f7f8a35d5942&url=https%3A%2F%2Fgrand.online%2F&ref=direct&user_id=6287698dde5ad701f8ee206a&new=true&tz=0&cs=UTF-8&ns=1653041549023&ts=1653041549110&screen=1200x1600x24

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.32 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

trfx.serv.si

Software

nginx/1.16.1 /

Resource Hash

d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx/1.16.1
date: Fri, 20 May 2022 10:12:29 GMT
content-type: image/gif

GET
H2

200

2642475688712310473
match.contentexchange.me/adform/
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1219&cid=6287698dde5ad701f8ee206a&redirect=https://match.contentexchange.me/adform/__ADFUID__
https://dmp.adform.net/serving/cookie/match?CC=1&party=1219&cid=6287698dde5ad701f8ee206a&redirect=https://match.contentexchange.me/adform/__ADFUID__
https://match.contentexchange.me/adform/2642475688712310473

0
48 B

60ms
53ms

Image
text/plain

46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/2642475688712310473
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:29 GMT
content-length: 0
server: nginx/1.16.1

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:29 GMT
server: nginx
location: https://match.contentexchange.me/adform/2642475688712310473
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 fpdata.js Show response
gars.hit.gemius.pl/ 281 B
394 B 37ms
37ms Script
application/x-javascript 141.95.47.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gars.hit.gemius.pl/fpdata.js?href=grand.online
Requested by: Host: gars.hit.gemius.pl
URL: https://gars.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.95.47.70 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ns31479462.ip-141-95-47.eu
Software: GHC /
Resource Hash: b23d1eddfec3cc0a2386ba1816021fb2604d60df21f3b92b6efa811864ed18e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:29 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 281
expires: Sun, 19 Jun 2022 10:12:29 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 96AF 5 KB
3 KB 171ms
54ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gars.hit.gemius.pl
URL: https://gars.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: 2d0fa19ca78d7db2dd8f246efe1d31a443b01d79be65ec9ffbb25f9e92a3c1ef

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2732
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:12:29 GMT
etag: PRIVATE7520710249
expires: Sun, 19 Jun 2022 10:12:29 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 3A57 627 B
692 B 120ms
38ms Document
text/html 2a02:26f0:1700:794::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:794::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: gzip
content-length: 392
content-type: text/html
date: Fri, 20 May 2022 10:12:29 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Sat, 20 May 2023 10:12:29 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/e1c9e009-11c7-4cc3-9715-b2fe850bb1fa/ 229 KB
54 KB 79ms
79ms Script
application/x-javascript 2a02:26f0:1700:11::b856:6785
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/e1c9e009-11c7-4cc3-9715-b2fe850bb1fa/cc.js?renew=false&referer=grand.online&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:11::b856:6785 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 110e457b0c1aaf315acc7dc18ed5100b459e7fc0d5c4ccc39af83f81bfb586e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:29 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2022 10:12:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
content-length: 55204
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 119ms
37ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6801
date: Fri, 20 May 2022 08:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 20 May 2022 10:19:08 GMT

GET
H2 200 boot Show response
tracker_ug.contentexchange.me/ 9 KB
9 KB 77ms
50ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker_ug.contentexchange.me/boot?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=6287698dde5ad701f8ee206a

Requested by

Host: ug.contentexchange.me
URL: https://ug.contentexchange.me/static/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

c52a931e1e82748cff94f345fe412b44aca9c82fc9fc3286618c873f89035dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:11:47 GMT
server: nginx/1.10.0 (Ubuntu)
content-length: 9334
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8

GET
H3 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 115ms
38ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 19:47:12 GMT
x-content-type-options: nosniff
age: 311117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 19:47:12 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 129ms
46ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=grand.online

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 128ms
45ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=grand.online

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 250 KB
62 KB 722ms
722ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3250875346310100&correlator=1070717337206186&eid=31067578%2C31067635%2C31067705%2C31067488&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=21876124292%2CGrand_Desktop%2CBILBOARD_Grand%2CGRAND_SB_Gornji%2CGRAND_SideBan_DONJI%2CGRAND_InPage%2CGRAND_Footer%2CGRAND_Branding_LEVI%2CGrand_Branding_DESNI&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8&prev_iu_szs=970x250%7C728x90%2C300x250%2C300x600%2C970x250%2C750x200%2C360x1080%2C360x1080&ifi=1&adks=3062651269%2C3312497002%2C1174929245%2C1290012863%2C2620623041%2C262384875%2C834434713&sfv=1-0-38&ecs=20220520&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1653041549283&lmt=1653041549&dlt=1653041548584&idt=579&biw=1600&bih=1200&adxs=260%2C1011%2C1011%2C-9%2C425%2C-9%2C-9&adys=59%2C772%2C1124%2C-9%2C1000%2C-9%2C-9&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgrand.online%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1080x5992%7C359x270%7C359x270%7C0x-1%7C1600x-1%7C0x-1%7C0x-1&msz=1080x0%7C300x-1%7C300x-1%7C0x-1%7C1600x-1%7C0x-1%7C0x-1&fws=0%2C4%2C4%2C2%2C512%2C2%2C2&ohw=0%2C360%2C360%2C0%2C0%2C0%2C0&ga_vid=543533847.1653041549&ga_sid=1653041549&ga_hid=1607756888&ga_fc=false&btvi=0%7C0%7C0%7C-1%7C0%7C-1%7C-1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b2dc248d1fd585f00cfd57fa0094fae03a5379b382a8757603a41f048208d5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63653
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-2,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://grand.online
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 67AF 6 KB
4 KB 151ms
45ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:12:29 GMT
expires: Sat, 20 May 2023 10:12:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 376ms
123ms Image
image/gif 44.194.96.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=grand.online&p=%2F&u=BH4EV59jLDvDN8XQI&d=grand.online&g=66131&g0=No%20Section&g1=Ivana%20Ankic&n=1&f=00001&c=0&x=0&m=0&y=6700&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1140&t=WoFjRDVhSQwBKVo7MBkPMdiBxdg0d&V=132&i=Grand%20Online&tz=0&sn=1&sv=B36BmR3T6kEBcNduKiubpBNe0gD&sd=1&im=06532c4f&_
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.96.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-96-154.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 121ms
44ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1607756888&t=pageview&_s=1&dl=https%3A%2F%2Fgrand.online%2F&ul=en-us&de=UTF-8&dt=Grand%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=2002062449&gjid=1475751941&cid=543533847.1653041549&tid=UA-85054264-1&_gid=740818324.1653041549&_r=1&_slc=1&z=2099805811

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://grand.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://grand.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gars.hit.gemius.pl/__/_1653041549401/
Redirect Chain

https://gars.hit.gemius.pl/_1653041549401/rexdot.js?l=100&id=bPqQ_we3dyIIzwyHbWqNX4XCXfZFjQeBKE3jOoyK9Xf.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgrand.onlin...
https://gars.hit.gemius.pl/__/_1653041549401/rexdot.js?l=100&id=bPqQ_we3dyIIzwyHbWqNX4XCXfZFjQeBKE3jOoyK9Xf.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgrand.on...

169 B
423 B

75ms
75ms

Script
application/x-javascript

141.95.47.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gars.hit.gemius.pl/__/_1653041549401/rexdot.js?l=100&id=bPqQ_we3dyIIzwyHbWqNX4XCXfZFjQeBKE3jOoyK9Xf.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgrand.online%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=pee1WflcFbt_wjNZv4rKgHqzUhGL6RZTWoiEmGLISSj..78BkuiCe1AgmyUALmS7WnJun6xmRxoUC0RKNUmJUJmkP71U/UTjvkKUAaMOkw/&ltime=287&fpdata=UtHK3ZTlklKd7y2chJ211JlcqSRlgCcUIVlkz35CQR7.E7&fpcap=
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Server: 141.95.47.70 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ns31479462.ip-141-95-47.eu
Software: GHC /
Resource Hash: 3876be8f01b243630b64993feed70d5df21116d3480be4d8e712e6e13cebf3e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:29 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Thu, 19 May 2022 10:12:29 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:29 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1653041549401/rexdot.js?l=100&id=bPqQ_we3dyIIzwyHbWqNX4XCXfZFjQeBKE3jOoyK9Xf.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgrand.online%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=pee1WflcFbt_wjNZv4rKgHqzUhGL6RZTWoiEmGLISSj..78BkuiCe1AgmyUALmS7WnJun6xmRxoUC0RKNUmJUJmkP71U/UTjvkKUAaMOkw/&ltime=287&fpdata=UtHK3ZTlklKd7y2chJ211JlcqSRlgCcUIVlkz35CQR7.E7&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 19 May 2022 10:12:29 GMT

GET
H2 200 rsAekhpBodngiQx7T-hqzkfp1pcvm Show response
tracker_ug.contentexchange.me/widget/ 809 B
1023 B 53ms
53ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker_ug.contentexchange.me/widget/rsAekhpBodngiQx7T-hqzkfp1pcvm?gdpr=2

Requested by

Host: tracker_ug.contentexchange.me
URL: https://tracker_ug.contentexchange.me/boot?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=6287698dde5ad701f8ee206a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

cff68caa8d423781efaf6d8a777ba294c7d16739fcb97284870cab00bfbdbc3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:11:47 GMT
cache-control: private, max-age=0, must-revalidate, no-store, no-cache
referrer-policy: unsafe-url
server: nginx/1.10.0 (Ubuntu)
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf8

GET
H2 200 dwy8atKaNCGxE76vd-hchzn41280m Show response
tracker_ug.contentexchange.me/widget/ 881 B
1 KB 59ms
59ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker_ug.contentexchange.me/widget/dwy8atKaNCGxE76vd-hchzn41280m?gdpr=2

Requested by

Host: tracker_ug.contentexchange.me
URL: https://tracker_ug.contentexchange.me/boot?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=6287698dde5ad701f8ee206a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

25aee19e934cdfcab3a37ae773a36a9ac1321b4146cc469679abb92dd5514afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:11:47 GMT
cache-control: private, max-age=0, must-revalidate, no-store, no-cache
referrer-policy: unsafe-url
server: nginx/1.10.0 (Ubuntu)
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf8

GET
H2 200 bexaca5v288dvj Show response
analytics.contentexchange.me/bex/widget/61262e6960bd1e63eeeff4b9/ 31 B
245 B 52ms
52ms Script
text/javascript 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.contentexchange.me/bex/widget/61262e6960bd1e63eeeff4b9/bexaca5v288dvj?cx_id=6287698dde5ad701f8ee206a&pv=96355c76-8dc5-4e3c-8f60-f7f8a35d5942&ref=https%3A%2F%2Fgrand.online%2F
Requested by: Host: analytics.contentexchange.me
URL: https://analytics.contentexchange.me/bex/boot/5f85aef32f8be553873579ef?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=new
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: 6167d5dea19f6b6b7758a5b4086a308ee74ba439eade5ffaa4b94652139a79e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: private, max-age=0, must-revalidate, no-store, no-cache
referrer-policy: unsafe-url
server: nginx/1.16.1
content-encoding: gzip
content-type: text/javascript; charset=undefined

GET
H2 200 bexfxdfe807hiq Show response
analytics.contentexchange.me/bex/widget/62273b8cc0e5082a8881170c/ 206 B
366 B 65ms
64ms Script
text/javascript 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.contentexchange.me/bex/widget/62273b8cc0e5082a8881170c/bexfxdfe807hiq?cx_id=6287698dde5ad701f8ee206a&pv=96355c76-8dc5-4e3c-8f60-f7f8a35d5942&ref=https%3A%2F%2Fgrand.online%2F
Requested by: Host: analytics.contentexchange.me
URL: https://analytics.contentexchange.me/bex/boot/5f85aef32f8be553873579ef?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=new
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: 6cb9ad6a55b7ee042a452b81eea9f28e250023698449022728f9ee950355503f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: private, max-age=0, must-revalidate, no-store, no-cache
referrer-policy: unsafe-url
server: nginx/1.16.1
content-encoding: gzip
content-type: text/javascript; charset=utf8

GET
DATA 200
OK truncated
/ 973 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 921 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 142ms
47ms XHR
text/plain 2a00:1450:400c:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-85054264-1&cid=543533847.1653041549&jid=2002062449&gjid=1475751941&_gid=740818324.1653041549&_u=IAhAAEAAAAAAAC~&z=1610417662

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://grand.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 20 May 2022 10:12:29 GMT
content-type: text/plain
access-control-allow-origin: https://grand.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET truncated
/ 0
0

GET
H2 200 tracker.js Show response
tracker_ug.contentexchange.me/ 6 KB
6 KB 50ms
50ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker_ug.contentexchange.me/tracker.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

216920dcf855c0345269a347a7bebca5c0bee4407d70deb6f3dc48f014c5091d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: nginx/1.10.0 (Ubuntu)
date: Fri, 20 May 2022 10:11:47 GMT
content-type: text/javascript; charset=utf-8

GET
H2 200 NfSyfxPKzJuosYyGC-ual5xhzgtor Show response
tracker_ug.contentexchange.me/widget/ 12 KB
12 KB 122ms
122ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker_ug.contentexchange.me/widget/NfSyfxPKzJuosYyGC-ual5xhzgtor?gdpr=2

Requested by

Host: tracker_ug.contentexchange.me
URL: https://tracker_ug.contentexchange.me/boot?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=6287698dde5ad701f8ee206a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

fa0147199db3b4eba5a549e5d648f6c5d77aa66e5e0c453a061eb440b95ebe51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:11:47 GMT
cache-control: private, max-age=0, must-revalidate, no-store, no-cache
referrer-policy: unsafe-url
server: nginx/1.10.0 (Ubuntu)
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf8

GET
H2 200 rAKYT4L9qRLPdQr86-1gb06w5p19r Show response
tracker_ug.contentexchange.me/widget/ 12 KB
12 KB 67ms
67ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker_ug.contentexchange.me/widget/rAKYT4L9qRLPdQr86-1gb06w5p19r?gdpr=2

Requested by

Host: tracker_ug.contentexchange.me
URL: https://tracker_ug.contentexchange.me/boot?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=6287698dde5ad701f8ee206a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

92c644be29f8343e67fec8047418607ade30866511dd221e26de876fa22222b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:11:47 GMT
cache-control: private, max-age=0, must-revalidate, no-store, no-cache
referrer-policy: unsafe-url
server: nginx/1.10.0 (Ubuntu)
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf8

GET
H3 200 css
fonts.googleapis.com/ 2 KB
550 B 173ms
84ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&display=swap

Requested by

Host: tracker_ug.contentexchange.me
URL: https://tracker_ug.contentexchange.me/boot?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=6287698dde5ad701f8ee206a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2358eef82e19f11d27748db3055007ae32cc450a0c52aae4a1a95a45ff133048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 May 2022 09:43:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 20 May 2022 10:12:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 May 2022 10:12:29 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 15 KB
15 KB 202ms
54ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fnova.rs%2Fwp-content%2Fuploads%2F2022%2F05%2F20%2F1653039241-h_57617655-1200x800.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 569a5642be190263d25d138067711515c0f7257f40c0abbe789a3b06300b335f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 23 KB
23 KB 251ms
103ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fnova.rs%2Fwp-content%2Fuploads%2F2022%2F05%2F19%2F1652983892-olimpijakos-efes-180056-1200x800.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: caceed49a3e4435282ce5150b9fa794a5a1146941a459cab3e951dedfc7afad1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 13 KB
13 KB 249ms
152ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fwww.story.rs%2Fdata%2Fimages%2F2022-03-04%2F81277_milan-maric-getty-images-2_f.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 8d19c9839b2349a1f36147a24007dc8ede1385c6120813f51b981662938f9858

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 9 KB
9 KB 247ms
151ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fmedia.idj.rtech.rs%2Fuploads%2Fjwgef22k-169.png%3Fcaption%3DPhoto%3A%2520pixabay.com%250A&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 816beef25da65daae2c0d284e2f8325f5f6728cfeedf2f209eaa771f4494ce9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 13 KB
13 KB 51ms
50ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fnova.rs%2Fwp-content%2Fuploads%2F2020%2F10%2FRADNICKI-NIS-PARTIZAN_119-1110x625.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 1f7a557ad6f33afe3c411dc307c0bb5b443b393c93431dc5fdc6e5724f22f269

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 16 KB
17 KB 51ms
50ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fwww.hellomagazin.rs%2Fdata%2Fimages%2F2021-06-11%2F63664_sasa-popovic-suzana-jovanovic-bosko-karanovic_f.jpg%3Ftimestamp%3D1652982394&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 326be3571d7e848e44d172caed425df703c6f9d282f836e33e7a17b775a382ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 14 KB
14 KB 97ms
96ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fmedia.idj.rtech.rs%2Fuploads%2Fl3bkd3gj-169.png%3Fcaption%3DScreenshot%3A%2520Youtube%2FMADE%2520IN%2520BLKN%250D%250A&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 893d972d6501d4bcc4f3863df54fb56bef8d43d71d5fc17aacd2e3c630abe06e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 22 KB
22 KB 97ms
96ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fnova.rs%2Fwp-content%2Fuploads%2F2022%2F03%2F24%2F1648119772-shutterstock_2017665440-1200x800.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: f4e19fe13a10e17fd15cb06c019c63b6527ec6c0f112e6fff969441b21fae24b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ce_thumb.png
www.contentexchange.me/static/ 2 KB
3 KB 174ms
52ms Image
image/png 46.19.8.15
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.contentexchange.me/static/ce_thumb.png
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.8.15 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: 2E130833.rDNS.SiEL.si
Software: nginx/1.12.1 / SIEL.NINJA
Resource Hash: 8f327829d94bda1536bc1a970fbfd21ce22bb0f048cd9437ce9a1f0401cd1b9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
via: 1.1 varnish-v4
last-modified: Mon, 19 Jan 2015 12:15:40 GMT
server: nginx/1.12.1
age: 8678
x-powered-by: SIEL.NINJA
etag: "950-50d0047d73300"
x-cache: HIT
content-type: image/png
cache-control: private, max-age=3153600
x-varnish: 641038534 639613694
accept-ranges: bytes
content-length: 2384

GET
H2 200 rAKYT4L9qRLPdQr86 Show response
hb.contentexchange.me/widget/ 14 KB
14 KB 308ms
121ms Script
text/plain 46.19.9.11
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.contentexchange.me/widget/rAKYT4L9qRLPdQr86?domain=grand.online

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.19.9.11 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

trafex.serv.si

Software

nginx/1.14.1 /

Resource Hash

db855d104d552660f447a438b3722b1a174876a2c0557e2a8f1738f9abce0e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
vary: Origin
server: nginx/1.14.1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 14479
x-xss-protection: 1; mode=block
content-type: text/plain; charset=utf-8

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 21 KB
21 KB 52ms
49ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fgrand.online%2Fuploaded%2Ffiles%2F02e1b6dc71e6385b96795aac06f4b41fa8551767.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: c515a6d355257084f2a1298a16c8e6ed9a8c87519e6be64de0aa5d759af6d983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 21 KB
22 KB 52ms
50ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fnova.rs%2Fwp-content%2Fuploads%2F2021%2F10%2F20%2F1634720956-auto-Foto-VanderWolf-Images-_-Shutterstock-1200x800.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: ef83c27672ff8a7deb1c012bd5f6cbd63fb21bf76b2770c38474c32c0fe04e74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 21 KB
22 KB 53ms
50ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fgrand.online%2Fuploaded%2Ffiles%2Fd2363f07dd50fb282a20ef5510648e7c2cecc3ee.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 598a415b7e067fa0d86676fae6da1d87954b99b5f985ceb3f7990551c1eb2808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 16 KB
17 KB 53ms
51ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fapi.shoppster.com%2Fmedias%2FBlog-Img01-Cat-04-Post-01.jpg%3Fcontext%3DbWFzdGVyfHJvb3R8NTAzODB8aW1hZ2UvanBlZ3xoMDIvaDI0Lzk0Njc0OTQ3NjA0NzgvQmxvZ19JbWcwMV9DYXRfMDRfUG9zdF8wMS5qcGd8NDVhYjAyNjA2ODllMDliMGZmZWZkMzhiYjFiNzY0MzI3NmY2YmFmMzdjNmVjZmRhYmNlZjVlNTJhNmIwNTAwNA&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 2458bec05d6415f88b16aca0336c9cd090e86881d7929593fb9481c13427d784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 19 KB
19 KB 92ms
90ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fmedia.idj.rtech.rs%2Fuploads%2Fl3cqp80c-169.png%3Fcaption%3DScreenshot%3A%2520Youtube%2FIDJTV%25E2%2584%25A2%250D%250A&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: e1cbe20b518b645a3e30b7a0e158de8b139450185ffcb351f9344e4f9f54df04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 13 KB
13 KB 97ms
94ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fluftika.rs%2Fmedia%2F2022%2F05%2Frenato-grbic_1_850x.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 1cc573ea4a3fa1b97e2995d23c205ca4967d06322e76fd0020f26cb4cf4b4194

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 16 KB
17 KB 97ms
95ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Frs.n1info.com%2Fwp-content%2Fuploads%2F2021%2F04%2Fshutterstock-640248574-322737.jpeg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: e779b2a44a9721993a448ac813dcda963e15dbfed35db5b0689403e36fdd28a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 23 KB
23 KB 100ms
97ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fgrand.online%2Fuploaded%2Ffiles%2F7fb68324fe94ed6f4a54e1cc27d16bc2c0c08b69.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: d3c597f5faa5fed401d4507930fe5d678f5f0b48c73a572c7f8c817caffd1bdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 10:12:29 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Sat, 20 May 2023 10:12:29 GMT

GET
H2 200 NfSyfxPKzJuosYyGC Show response
hb.contentexchange.me/widget/ 14 KB
14 KB 255ms
118ms Script
text/plain 46.19.9.11
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.contentexchange.me/widget/NfSyfxPKzJuosYyGC?domain=grand.online

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.19.9.11 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

trafex.serv.si

Software

nginx/1.14.1 /

Resource Hash

db855d104d552660f447a438b3722b1a174876a2c0557e2a8f1738f9abce0e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
vary: Origin
server: nginx/1.14.1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 14479
x-xss-protection: 1; mode=block
content-type: text/plain; charset=utf-8

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 135ms
37ms Script
application/javascript 34.102.146.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 17:36:37 GMT
content-encoding: gzip
age: 318953
x-guploader-uploadid: ADPycdvjD38YpMMT7Zx-08DMVTsFOu8umZmaq19zxkHfQzkXHLSiVSY3fiIdwl13dgWRKC9I0rLTR-nowc8pCrAvq_XUsxqmrQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation: 1622140251693895
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 16 May 2023 17:36:37 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 36 KB
12 KB 159ms
52ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

bfafefab6495db40df1cda93e99fba7f01384e766cb8c414735ba965c7b84d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:01 GMT
server: nginx
etag: W/"6271101d-8ed3"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 May 2022 10:12:30 GMT

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
904 B 636ms
198ms Script
application/javascript 52.24.215.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.215.1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-215-1.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
cache-control: public, max-age=86400
last-modified: Mon, 25 Apr 2022 14:05:05 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 41 KB
12 KB 143ms
39ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e8c287537c67708aa38e91a2bd427e8ee691ca7ac3a264a2640eb6e36a72f811

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:47:17 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="esp.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11458
x-request-id: 1047790845

GET
H2 200 uid2-sdk-0.0.1b.js Show response
prod.uidapi.com/static/js/ 4 KB
5 KB 415ms
129ms Script
application/javascript 18.189.50.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.189.50.18 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-50-18.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 9b79f241192c69b3ba86c6a7ab1b53b5d0e6d518df418586a940318032b1cb29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
cache-control: public, max-age=86400
last-modified: Thu, 7 Oct 2021 20:31:32 GMT
accept-ranges: bytes
content-length: 4521
vary: accept-encoding
content-type: application/javascript

GET
H3 200 container.html Show response
f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 487B 6 KB
3 KB 118ms
42ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:12:29 GMT
expires: Sat, 20 May 2023 10:12:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3C05 6 KB
3 KB 61ms
44ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:12:29 GMT
expires: Sat, 20 May 2023 10:12:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D95 6 KB
3 KB 52ms
39ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:12:29 GMT
expires: Sat, 20 May 2023 10:12:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F374 624 B
560 B 132ms
50ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNXgPMwooE-TM9YWvnN2dWEI6H2_Kif6URpKrCBsgmDX4L558YzT5fu6gunIAZqc0UERom9GMWbDDA517mbBSZm3iJ2HjOvCbxZ9UAzZhzHdGB7GplbhtliwA89kMQCXQI-BoNeXKfdFG1waCIhn9o45uUZg3B-rK1F1Kz70pigFc0a5N_U

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:12:30 GMT
expires: Fri, 20 May 2022 10:12:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3D95 76 KB
32 KB 199ms
117ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cl-bUeWifl3weUkaNoGEthI6Yp_eul_HBBGIyiQkVWyc9iWa543tGpEZrsHBVJDq7VMpgw65RXnjDDfbK7ULxyvpyD4e_SG-VHOo0MXAMUDpjxeN7zOO8TqzpZvaUz4OucYQczA_wtGFryVSAn26XL5O-aVQ&dbm_d=AKAmf-BqCjdg0ojo8-TEoyD9Ly_g3pklR6fkfWMrfQW_hMZyI21Ly1c0cAblDhEG6QejT4zYacfy7lOt5lmEAByPrVVp0UAAGkYd26kP4ujo-2yPW2mdSjG8rsYB2UYqFiSUxO9Vt4hjWSk5L4yC_ds1e-0UjXaMWW1zqzQC8dygUaT2U82923VjlG-48S7gww4Gf6XQfowvTaFkrPR5DE3nR4bQU9UJCw2f_ueRwu4RKeVP9B8ygEmatLtZBacSdUWxQYNWOnwNQZc-45bpHbJSemSU6YqsJVp5ngyDQY_LYK6LaXDKB1m0DtqAaUNgyZRtK3MDzJaQor3GyEy-BWc-K8Mt4Lpj-8JN_RobpPUiA3_kot29I8iv5vNrcCBJm60jBVY60qEaviiJtzAl1hA-J0TN9OFQECL0LCW0J4emCb7pFVl-gHjqYVK8XG4HpVmTq0CbyMPzh2M430-TGru2G77bIt87EnZb9cc8FxqXoMnRgGZR1uvMdJ1jMrAUh2kRU87S-NRLQObCeoM32NJQ1FvVbhyH56LSDw5jiILXT3BQHtVDz3C1v6MLlLK5M97iWfWtG8AiYlI1LAtMDRQ1nfjWE8PaqIus-_du3CF801InbfzXFH7mZNHBaBs3RCsXCtsuza-po9hywnRkO0eO1Lov_Wg2QSmu5Gdc0aEVgolb1RelWe5cmu30KFd3b_bG90cnxzDjvtck6E8q-CpNB7lCTzNswQfQTXik2awVIqB3mlNvrgDQOA0Mx7TtUZr_k9YkpnSVqFgo8ueLkKRIccky8Kyp-Tw-Vs44tkY0f5J8wxE77nVEf-gfhKMsTGqyTpzVbrszKAPq88nHpAC5aAtiPMQpNLt0VLGWoUwHjTnXR84eqLetKzfMQMWJtmIrObn3kwo2KYp1-zb_Qtbuo4lfFdx2J2lTanMfZbHAZOfIee8tf38_UWAUbRr5yZseF8bQLLBp2Ql0gb74oiMeFqXPUwiwhSKmz6dTkG59WVzwEaxCo03_LOTqM344FnICfeim3MtSZzkTGFp7EGVv3LljahtK4JTL1TLHKhrO_YBZH90tccdyFTsnRzSZ52gtz8a4i_tntaBZGBeUllgb274r99pel2JYaQTOxWEiNxyjgjE3E3mxtCvELF8efyNCFyLlvAnqUnoRCgO1FT0UZsZTBrNMM-0TpJ7dIjK4ADrCWUjfyKkrNDrPsfgzBDFC2GT1gExlzYnk8sgeppPB9FwChKNfNjRA2QEM6YRAHjBF5osV1ZmGXupAp5rYKSU2aY1eWvndd-fpZhk2yAdhx8k-dZQgq6V7zRKYIGSjj37ijEZUiXqlqHRn5GzcuWZvBT9DrVoc5BVUswUVgwmB_N_o3oy6T46zAOj4CitvGrOER4e7eDiCEAkjBoRe_94E8xwxSU5a-B8eJShauI7KzQaBHGhuZHaSjNj8cHXjCOkHtUMuBsNrZZbeGuHp-fW11AL8rAvznU4i-ubtAlrBan-3z9tGMBNxnavwsgMacKbhvImnsn65KANcRc7gjIK9EFR4zZi_mmWteeNBpBgSOtZhonYNghbInhzCf6CpJRagEaqEn0it2_3avSSuChZMoN-UFsJTY_vxffsDuR45y6oeGyiUc5TVKXV1mI32ZNNZI1yg3Puj7-WjS9OIz8qjfhWhz2a9Is3MWdJaqWy14P74yLQ2wIwwuPHU7fLcg5Fb4fMSU-xDhfOYrKi3MZJzovjDB82yx1cuHFz53EKAIZOEjYdkwtBS4QHuCJOv2MKa-KhcugUajvVP_m31fRo-zXC2HLQJXz6B__y-17l2aacCG8C-7u6cthdsxtuSOjaK_xg1-w24W4ECx26xKDqCyH1sq0fZOxGujJbmAxq7iFBEst7c3ddYWq8j9n9oeGHxmLtvg1Q58rNvbEDhomxcejxLdIVhHo5rGTLlSUKequvR4Y7njiW5X_pYk51vrK0IoBt8YoNxre9Pf7gkEPe65DTtZKN4SQARQrJ7omPJnqNPHQTUOuj2aMsw14ClmYWKLhNHl_UV-aBXQjQf9OH43WKnG5GmYWSBQFT0gjOx08b2Qqqx2lUEhsWEUZkQPYHv1kbAAuS-GX6NNo5UnHSvl-odTPMjb605OUPGpAN_1AHI6gEYIEFgWFmD1UeM49SVmzH-xs-vWbi8-wYgdaRPZG1MH-geJIzrpCOgq3ar6YpY7jvrBMZOC1lvjvHux62-C-Za0z9rA4pFIE4N_OEpsefq_Uz1Vsl6HNTiQj4pPL-gWqaFC1ivRxl6oxCR8qQAn7XyiTXdvAPR7VVsii-iuEJPJfcrSQekBF7bmF085-goBkNydJWVx2VUcSfuTVlIagZ_i7W97G-iqte_69sPizzGAKx7uh8MH_NclhdjGsa6K7jrF0LSTAuthtcX79bMoka1AoYMkm4KNYZC4_cSfvmqMfzzNswFyHjt3tlf1EKt7mxzi01VP4de-snnQzd-CYrz44Nv3riVcAKImrEMp51zapcKE5B3h-zlhGEqwIrc_9m2XgzVWEX0SkRa10ynlsE2JSV1ZNizcQuI6BBKOWsK-XTzTRtazCQyV8iD-E-91LHbILOk54CbRPgyv3ClyaSPzRP9AcaEqAMu9R_ox8H1umMc9SYlshnND5-isJIYTq4HFM0p1L1MRKkQGhXiHZy6kj7wA9YDYSwW0765_EcT09etZspbL0BRw9BmPUKB4BqD_6gBXKmdo6SsmlVdtSaGGNkjkVexGMoIatFFVD6Ua29AtA0hd2lAI785yowwsurhvexJxDQdUN8oRI_NqmAErlO-aso_Oc5wvPeBD4U-Nj1l6UrVMchognnIXvyBo0T8xSUlwnxrBo8eNNBI7y-cfIDA_e1PjvtD4x6gkgj7oxklBE2YboDPv6w4ezmDmsGAFZWYHqG2BLGj84f104blZZfiO2aQUxtq5phgv56TxDBRcDmi8BB63iD_LC2vgWaSgMrrBZ9NlGuza46D-neJBVQKb1pTIAlWNGBpmuHwxlsDzQdq4Lk1Z9NwFkcKa1CVvh1_WSEZ0JfMdi2wT-7F-hLcd8Ir7iwYyCCvt9b7Pr8FmNsMk194ZoIPFaRQO9mWmIHBFpqPRYS19bpjwEde4VFb1hOP7nckw9Mls3tymFnY&cid=CAASKORoajag453uAV4O28qQoamQn9tO1kquyrD6JpKm1MKyLlsonsWlf6k&rfl=1%2Chttps%253A%252F%252Fgrand.online%252F%240

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6f7cb3b1af1f1fda712e5168630fdae7622c9da2ba457944108000773e4ab7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32821
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D95 42 B
494 B 154ms
70ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AbOxcoofSN9Ne_Pm8J91QUYtOM9QjwSEBADQq8NK_H1KcfiGLBbaugXuqmm_gtffOx2N1owaqRrzV1eMQcQrRPj7tDJmqwO9c7S7GRoYgZ9EJM8zQ

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 3D95 3 KB
1 KB 165ms
81ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:12:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D95 135 KB
42 KB 2317ms
2229ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 10:12:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 3D95 17 KB
8 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:07:29 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B5BD 624 B
976 B 125ms
49ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiD0tK7ATAB&v=APEucNWaEnDZQDpdjhTQrl7doaevSAHIVHCT9-vZsj2iEh2YfTE8S-Rx264pSFe3uxPMjGkL8gL3l60RbhvcqnPEot3qnAgeHcN_gdzJ7rT0cSlll23_11mOe1zxG3FG8PL3mgqoHzXlU7FmsT0lypZO3RwECzcU-yijPwby88F1_CyO58wLdno

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:12:30 GMT
expires: Fri, 20 May 2022 10:12:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 487B 78 KB
33 KB 157ms
81ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyIH4hbj6G7hK3_ODX7cc3df8y36Oq2AtA3NC_YjqfD11NnkAkXaA2xrIwjpegDoO5r4553o_gWNqxEEpTpMcwUV0fXbmV0wSHh24zp5pAZ0SoIHNHUDQTSHq7ltFlo5wpSSrod00PKv0u8VhZKn2PtjozwQ&dbm_d=AKAmf-A7ccdG3a5vqUIYO_EEwLo1eo2Ppjc7lduSBm6eJfF0RIb3XJ50nVsysQd5qHHjLUx72-W-KZKy2kGb68WOv254o6Ef3LhLlhiwulG-pLVh7FXuzgRbXuC4YBPxrkFJ0LhNmS2SE17ccL8gqMc6lrlYytaPh2eDshHhSHoHCfBFTlCDsIyu_seK6oKJl-c3R4Y8M5t7d5Rksk6IXoFAPPyfJUO5hXz1U1nfolOXsiq_0_hBgnE_knd1w_u4McCQdw8DpQKGbO2-XAU7SsWHjLN_brhucLs1kgItxyM5A1zFokl4zP-fr5YjCskjpmqc438Txg8_jWY_8lS82om2ZgZ2mA45qvmS4JUwMzzlZsWsJF3uhzlD0vJ9N60xIOwZnJH3_OobR6QgiUByrGFoTOQB7KJdnTORGImjcSRo8TBFP7R6FhslBkMYECvwMFLl0jeFu1B8qUI1qABpp0MHxwkpE3pKsr3H4iD_0PNNS37tWXejAEBUOJt8-UnKDeOl-IAx533SP3JFmfIyNysCQ7NjRN9uosz87jRnQx7HSGKGGTn29jxyFWUdQN6FygGJ5FQ2ATHGsp5RRPqxWsBmi2eBSMesZpyrleOhwytA_4Plw_oynZXYyw9peIJ8GmAjQhfTV1zk6YohlyuRZIPA10WOTWBFSfZMN8-BLw7nsI8z6S9nr1G5XBA0WGuhxWXdoV0cskPrrVTAhIs6lAtb8vecnbJB35TAGVONsAbfpvEjkfbtdpTO2TepYvphE1_POsJgnNsMSGlK6hXcsmdAE_LjIY-NFUcdtqfyp-5x6XCG9znKgcoQKf9sfItq-nSnhkt0MbkXiMNFk7a-TyE7DfWiT1mp19uFxAsgDkl8TWN_9Jja_CAGaRjdTQIRJjaLadbLKb7WXeOggXSEeUyWjny6bSxImbTdfPxHWD-ud04gOLjM7B6o0MlFQrDOYclRjIntWqFcePUfx9e4ZX299Z8Ah38MTXgqDQFrKSVE-95wM5RyFvooNRz_LrKdVdc1UrBXkb5ezgEviH8thObPj-4rnDruPR-u8d7wtWnir4YKH0jZY6L2ceD9bJXpZsbDm1yJPUKifRlAdhipBIGKpL-tnaJPhMN13Z1h_JLoGCo_GYE5EcbJ7BKQ33CXApWgnW_oufp8b94neJDJpxvsXXkB7CEb2acdE1kMJEn-PQ7Z2YC8nplMJB-z_hBRbIgSEVAe6vRp4-UCt9yiBPRQPrKQBWCyXg-J5wM6_iRqZemuWlLP5Gx90s-N0iRhf_W1kIT2r5PfG30RCPzPcQb9B31z5f8klTWWW8RyZ4HKjZYAf9-EnwidnladMTwvU1CdyCGezAuHZZ_M3KHZJkDTLBlGKw0vZqW1tM8qTonyjY2zHj6kcXUz2z5Gd8QFvQK701umpCG2QG_DiWOft4f-SJaX9fn1lGpd51NR7hXiaCfkFUvT9qqUEEpbxAtuID1An2qrBunEqYVt2XiMNqm60M5voaj7rHXCpRF4JWH3db_XvZrs4W0j0VVLiwJhJtZcfmFsRfFvL7rDaRxvBPhkj0wdg8nq6DKoUKWw1qmNW3JbY7fvzv8QQDPJ15xzdANpJwqgVm33cLOykF9f8APWWVOhT9v_Ip2Hqr10MSLNbrckBFkgrJPv4JCfCEieVeS_Zp-P_kz_uEeQ3NxFGE0w2P7lPDnvQZtf9z0mBf8zp9qOvhXO-qt0fxbYYnvBK_ZVlYb_TeSIlC5I1qBOkaVSmCz-zQ4TqJJJ6zIyF9AI0qb8CmLXGluqGDjEnQMTZy64MnpBeVZSSS1wM1JI86FzvrlhuyWblC8jpuCDzWUB1mav2eW1Tir3lUBkH_Izj-ac0QKd3ZTn2WcC8ytI2MgeXbme3kqnJ1qgREqcqoGAEcJ8AIQFvpe6eUQVW7TDxO1WYBnq7_1AfQSsKwd5k4E2uawt7p3sqgW9CVy5msPGEZnd4_oRGGzvILP6cO7zsw-nZsgkfLK12xzKr8TFD98-KanzK4YhFORPg9HPrFp_OyxrFceOEOP7uwJDyX8B1H-WAnu9CxDvszXcg3TafxME_8zANjvh1vX2ExNgEKwZmdBZ1e1z0i7E-nrO7TfWGGmwuMEnJS19u9VwIp0De9noTUDqS24sR0xR6zI-Ao_sTaLdt_Xm8xec-0_GdczE3qS2scanQSxlgke53ptULyVwd-WftaIo7seUJzi_17d6h401ic3Yx8kPX2dasUwKdJP37ct8Jr4LmiNzFGkQvqb3BxSPz4B6S_xSghHUa4PKfSiP70yVu0XhPv0GDrgr8s36jOh7wfS-e7PSBdSifqAdRR-v0uvnBeAFqf1mmXb59iJmbKIWgSSVpuPt4emB5TnFqPXYCnCKbi3MiWGhsAfs8f8KB05Y4VNMcFYKMIw64QK0DMxXbkdgqkHSBypC3wrZ3JF187SsD_4a6GH6eMrvBEI2OFQC7v4s2wWBbtxJgn49yZxg2uTBn-dikIeoMJklUcYByUbJvzH3m3lCApQVAFTgvotk_WozyaaI8JOT2U5_Mh4QVmYmAScYadgyMlYy9Xpj5VPy-OwR3L_Fu9MMZ2aDoCAb_dkyGuQFHEXL2t6kC8Uue1X5pbgxXheGjXM0bDe3vPUoz84Q6mWQF1sHVCr8cQOXp-LtlNwizSQaITdnkdPC3eDP43noKkllBnYIUt8TSQER7B26egT2DKPZbkj1uAvJiqG8qWNF7K-5wJ8_0JiC2PpfEsoccMYSJY6LFJ9ty2UIKlfhPOII7I8TOqgL5y6n5h574giv-QHcNRgvNSLuDp0aqj_xoVscAhl1hsN3CpXm-wiCmWZVZhiAJp-FzKqGF59qC_KlJ3IfQFcirxIKkeAFm4Wr8YO5Cz5PplAaiWPOfo-0yUy7G4CbVududCmHs1Tl1q4xeeUPC8IPi2eByP4rRMnGLYF4OFMKcJMhJU5yO8oLJ7SNxg9K7blMgHf8b19ueLAI8F0bTsROkhQ5iuYA_y1UEXHU9q8qTE7HMzbQG-je72iBRPCTmIMUZEHyOMy4pa3gR-qnH566x704LXUzEHQHi3kaKaglYNRX8UkRrK1pBUKYcXMWogijDnlumfHhgYEFWZLRCHozVUbZQlL058yRXJi4PtruAm_LkD1yFN8ttEZz00DyOnAIHPxzYzWXAjOR3jvb_qBSIosxhyo&cid=CAASKORoLzcL7KCw13KSBPn-uSFItAQVaA27499gzicvZM4JlezqNldeV88&rfl=1%2Chttps%253A%252F%252Fgrand.online%252F%240

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c2ea9027801b5af169fb62d0cda28d58db4e94007e94fd5d37bd7868d9648b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33043
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 487B 42 B
107 B 148ms
70ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DI1_cWR5unpPwf4hajHRZ_oSfn3L4A86lyA-J4WXKdWPwFf8lETCMAgIBK0_hVtowBh2-6JL7VWmkNT3WH8M5ZfmcP8_5y9LIUytze0hwJQKcvcXg

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 487B 3 KB
1 KB 157ms
79ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:12:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 487B 135 KB
41 KB 2359ms
2277ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 10:12:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 487B 17 KB
7 KB 122ms
44ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:07:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 487B 0
0 130ms
48ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaToNDU-araAxpSCZpSlhOUq5SMyFWDYmedVdNaa5JgGZSgNmGFS27Dps3eZLklbQCdByUgRJgONU6QRv3LNCgQ-Gg4Yag
Requested by: Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 3C05 21 KB
9 KB 143ms
71ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:11:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3C05 8 KB
714 B 46ms
46ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 May 2022 09:25:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 20 May 2022 10:12:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 May 2022 10:12:30 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/ Frame 3C05 14 KB
3 KB 136ms
39ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.css

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 13:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 16 May 2022 10:38:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 13:04:11 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/ Frame 3C05 352 KB
121 KB 137ms
40ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.js

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5380c721af33202377a3c3b70f20697d1a5883f6abfabd089406c64c231de81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 13:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123891
x-xss-protection: 0
last-modified: Mon, 16 May 2022 10:38:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 13:04:11 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 3C05 17 KB
7 KB 119ms
50ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:07:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3C05 0
0 122ms
47ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrE7Fru_jYVFpGF_9wtHAtK3H9Rv1vSwE_Oc6h35TyE0I1EJ7ewM7BQN4Kd7-KTA-66-oYwIu7i_udbR79gCi7UzB0Xw
Requested by: Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fgrand.online%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fgrand.online%2F&rid=esp&cc=1

85 B
103 B

182ms
143ms

Fetch
application/json

34.120.107.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fgrand.online%2F&rid=esp&cc=1
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H3
Server: 34.120.107.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 11b23e5e769b4defc94abc5e853a128ddc998ec55079374f433198b6f5320add

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
via: 1.1 google
etag: W/"55-uNnu4F5cgFLkHNP6qu4FIP3RUrE"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://grand.online
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 20 May 2022 10:12:30 GMT
via: 1.1 google
access-control-allow-origin: https://grand.online
x-powered-by: Express
vary: Origin
location: /esp?url=https%3A%2F%2Fgrand.online%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 hbscript Show response
hb.contentexchange.me/ Frame EDBA 52 KB
53 KB 58ms
58ms Script
text/plain 46.19.9.11
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.contentexchange.me/hbscript

Requested by

Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/widget/NfSyfxPKzJuosYyGC?domain=grand.online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.19.9.11 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

trafex.serv.si

Software

nginx/1.14.1 /

Resource Hash

ef6d9f9c94434f8a10abd4428410593903b24b0a5a79c077029123b37c93d6f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
vary: Origin
server: nginx/1.14.1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 53518
x-xss-protection: 1; mode=block
content-type: text/plain; charset=utf-8

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ 58 KB
24 KB 197ms
54ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/widget/NfSyfxPKzJuosYyGC?domain=grand.online
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 11:59:05 GMT
server: nginx
etag: W/"61f13789-e95e"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame FEA9 102 KB
30 KB 178ms
101ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZvezdeGrandaPrva&tabs=timeline&width=300&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=534904083375143

Requested by

Host: grand.online
URL: https://grand.online/resources/vendor/jquery-1.11.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ebbd51aa1cdb28ea987c9d74147d4be8a02d07f1f990789fa0a35c6f7caf67e6

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 20 May 2022 10:12:30 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: nmXvggNzkyy/Df6vLp43qUDjILxWjB6xEQjcubpqm3mzKzMoUm193TDh110kyW71/yToT7gmixlcmzlWY5LSzg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 73C0 14 KB
6 KB 126ms
43ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=grand.online

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6039
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:12:29 GMT
server-processing-duration-in-ticks: 2282
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B5BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMwYgf_1Mj-W1RQARSr_Vk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMwYgf_1Mj-W1RQARSr_Vk&google_cver=1&C=1

43 B
1014 B

59ms
44ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMwYgf_1Mj-W1RQARSr_Vk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiD0tK7ATAB&v=APEucNWaEnDZQDpdjhTQrl7doaevSAHIVHCT9-vZsj2iEh2YfTE8S-Rx264pSFe3uxPMjGkL8gL3l60RbhvcqnPEot3qnAgeHcN_gdzJ7rT0cSlll23_11mOe1zxG3FG8PL3mgqoHzXlU7FmsT0lypZO3RwECzcU-yijPwby88F1_CyO58wLdno
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 10:12:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 May 2022 10:12:30 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 10:12:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMwYgf_1Mj-W1RQARSr_Vk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 20 May 2022 10:12:30 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B5BD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YodpjnDv.PWmY7QlIcuZHwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFDNIbzfmjRIwlAcfo6vX5I&google_cver=1&google_hm=2

43 B
894 B

43ms
42ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFDNIbzfmjRIwlAcfo6vX5I&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiD0tK7ATAB&v=APEucNWaEnDZQDpdjhTQrl7doaevSAHIVHCT9-vZsj2iEh2YfTE8S-Rx264pSFe3uxPMjGkL8gL3l60RbhvcqnPEot3qnAgeHcN_gdzJ7rT0cSlll23_11mOe1zxG3FG8PL3mgqoHzXlU7FmsT0lypZO3RwECzcU-yijPwby88F1_CyO58wLdno
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 10:12:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 May 2022 10:12:30 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFDNIbzfmjRIwlAcfo6vX5I&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B5BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPeg7mAT0E5ZFTKfpZJXFpo&google_cver=1

43 B
1014 B

79ms
39ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPeg7mAT0E5ZFTKfpZJXFpo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhiD0tK7ATAB&v=APEucNWaEnDZQDpdjhTQrl7doaevSAHIVHCT9-vZsj2iEh2YfTE8S-Rx264pSFe3uxPMjGkL8gL3l60RbhvcqnPEot3qnAgeHcN_gdzJ7rT0cSlll23_11mOe1zxG3FG8PL3mgqoHzXlU7FmsT0lypZO3RwECzcU-yijPwby88F1_CyO58wLdno

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 10:12:30 GMT
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3cc85110-c7d4-45b5-9a71-6a97d201046a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPeg7mAT0E5ZFTKfpZJXFpo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B5BD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEzNTc3ODk2OTkzNjg5NzM0OA%3D%3D

170 B
188 B

122ms
47ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEzNTc3ODk2OTkzNjg5NzM0OA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 10:12:30 GMT
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 47179d53-c5dd-49cc-9b52-d672575762e8
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEzNTc3ODk2OTkzNjg5NzM0OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F374
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMwYgf_1Mj-W1RQARSr_Vk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMwYgf_1Mj-W1RQARSr_Vk&google_cver=1&C=1

43 B
1014 B

57ms
44ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMwYgf_1Mj-W1RQARSr_Vk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNXgPMwooE-TM9YWvnN2dWEI6H2_Kif6URpKrCBsgmDX4L558YzT5fu6gunIAZqc0UERom9GMWbDDA517mbBSZm3iJ2HjOvCbxZ9UAzZhzHdGB7GplbhtliwA89kMQCXQI-BoNeXKfdFG1waCIhn9o45uUZg3B-rK1F1Kz70pigFc0a5N_U
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 10:12:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 May 2022 10:12:30 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 10:12:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMwYgf_1Mj-W1RQARSr_Vk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 20 May 2022 10:12:30 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F374
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YodpjvAyMhGNQAO-.CkeiwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFDNIbzfmjRIwlAcfo6vX5I&google_cver=1&google_hm=2

43 B
894 B

43ms
43ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFDNIbzfmjRIwlAcfo6vX5I&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNXgPMwooE-TM9YWvnN2dWEI6H2_Kif6URpKrCBsgmDX4L558YzT5fu6gunIAZqc0UERom9GMWbDDA517mbBSZm3iJ2HjOvCbxZ9UAzZhzHdGB7GplbhtliwA89kMQCXQI-BoNeXKfdFG1waCIhn9o45uUZg3B-rK1F1Kz70pigFc0a5N_U
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 10:12:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 May 2022 10:12:30 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFDNIbzfmjRIwlAcfo6vX5I&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F374
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPeg7mAT0E5ZFTKfpZJXFpo&google_cver=1

43 B
1014 B

67ms
57ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPeg7mAT0E5ZFTKfpZJXFpo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNXgPMwooE-TM9YWvnN2dWEI6H2_Kif6URpKrCBsgmDX4L558YzT5fu6gunIAZqc0UERom9GMWbDDA517mbBSZm3iJ2HjOvCbxZ9UAzZhzHdGB7GplbhtliwA89kMQCXQI-BoNeXKfdFG1waCIhn9o45uUZg3B-rK1F1Kz70pigFc0a5N_U

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 10:12:30 GMT
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: eaa08133-8bb3-481e-9f7c-b26c7f579f7a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPeg7mAT0E5ZFTKfpZJXFpo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F374
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEzNTc3ODk2OTkzNjg5NzM0OA%3D%3D

170 B
188 B

91ms
47ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEzNTc3ODk2OTkzNjg5NzM0OA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 10:12:30 GMT
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 57d6d23d-6cb4-44d3-8e49-2d887930b096
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEzNTc3ODk2OTkzNjg5NzM0OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 prebid Show response
hb.contentexchange.me/ Frame EDBA 308 KB
308 KB 56ms
55ms Script
text/javascript 46.19.9.11
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.contentexchange.me/prebid

Requested by

Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/hbscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.19.9.11 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

trafex.serv.si

Software

nginx/1.14.1 /

Resource Hash

239d680fbab8595308467c529a3f86da782970d8a5c9a1ea42a8f65c046f8079

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
vary: Origin
server: nginx/1.14.1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 315122
x-xss-protection: 1; mode=block
content-type: text/javascript

GET
H/1.1

204
No Content

bex
sync1.adnetwork.agency/dmp/sync/ Frame EDBA
Redirect Chain

https://sync2.adnetwork.agency/image?pbjs=1
https://sync2.adnetwork.agency/42e07a438e71ad07eabd104f7c353355.gif?gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=[COPPA]
https://match.contentexchange.me/dsp/?redirect_url=https://sync1.adnetwork.agency/dmp/sync/bex
https://sync1.adnetwork.agency/dmp/sync/bex?external_id=6287698dde5ad701f8ee206a

0
277 B

178ms
80ms

Image
text/plain

109.206.161.115
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.adnetwork.agency/dmp/sync/bex?external_id=6287698dde5ad701f8ee206a
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Server: 109.206.161.115 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.161.115.serverel.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 20 May 2022 10:12:30 GMT

Redirect headers

location: https://sync1.adnetwork.agency/dmp/sync/bex?external_id=6287698dde5ad701f8ee206a
date: Fri, 20 May 2022 10:12:30 GMT
server: nginx/1.16.1

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 487B 106 KB
38 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
Origin: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 May 2022 09:08:30 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 487B 8 KB
3 KB 113ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyIH4hbj6G7hK3_ODX7cc3df8y36Oq2AtA3NC_YjqfD11NnkAkXaA2xrIwjpegDoO5r4553o_gWNqxEEpTpMcwUV0fXbmV0wSHh24zp5pAZ0SoIHNHUDQTSHq7ltFlo5wpSSrod00PKv0u8VhZKn2PtjozwQ&dbm_d=AKAmf-A7ccdG3a5vqUIYO_EEwLo1eo2Ppjc7lduSBm6eJfF0RIb3XJ50nVsysQd5qHHjLUx72-W-KZKy2kGb68WOv254o6Ef3LhLlhiwulG-pLVh7FXuzgRbXuC4YBPxrkFJ0LhNmS2SE17ccL8gqMc6lrlYytaPh2eDshHhSHoHCfBFTlCDsIyu_seK6oKJl-c3R4Y8M5t7d5Rksk6IXoFAPPyfJUO5hXz1U1nfolOXsiq_0_hBgnE_knd1w_u4McCQdw8DpQKGbO2-XAU7SsWHjLN_brhucLs1kgItxyM5A1zFokl4zP-fr5YjCskjpmqc438Txg8_jWY_8lS82om2ZgZ2mA45qvmS4JUwMzzlZsWsJF3uhzlD0vJ9N60xIOwZnJH3_OobR6QgiUByrGFoTOQB7KJdnTORGImjcSRo8TBFP7R6FhslBkMYECvwMFLl0jeFu1B8qUI1qABpp0MHxwkpE3pKsr3H4iD_0PNNS37tWXejAEBUOJt8-UnKDeOl-IAx533SP3JFmfIyNysCQ7NjRN9uosz87jRnQx7HSGKGGTn29jxyFWUdQN6FygGJ5FQ2ATHGsp5RRPqxWsBmi2eBSMesZpyrleOhwytA_4Plw_oynZXYyw9peIJ8GmAjQhfTV1zk6YohlyuRZIPA10WOTWBFSfZMN8-BLw7nsI8z6S9nr1G5XBA0WGuhxWXdoV0cskPrrVTAhIs6lAtb8vecnbJB35TAGVONsAbfpvEjkfbtdpTO2TepYvphE1_POsJgnNsMSGlK6hXcsmdAE_LjIY-NFUcdtqfyp-5x6XCG9znKgcoQKf9sfItq-nSnhkt0MbkXiMNFk7a-TyE7DfWiT1mp19uFxAsgDkl8TWN_9Jja_CAGaRjdTQIRJjaLadbLKb7WXeOggXSEeUyWjny6bSxImbTdfPxHWD-ud04gOLjM7B6o0MlFQrDOYclRjIntWqFcePUfx9e4ZX299Z8Ah38MTXgqDQFrKSVE-95wM5RyFvooNRz_LrKdVdc1UrBXkb5ezgEviH8thObPj-4rnDruPR-u8d7wtWnir4YKH0jZY6L2ceD9bJXpZsbDm1yJPUKifRlAdhipBIGKpL-tnaJPhMN13Z1h_JLoGCo_GYE5EcbJ7BKQ33CXApWgnW_oufp8b94neJDJpxvsXXkB7CEb2acdE1kMJEn-PQ7Z2YC8nplMJB-z_hBRbIgSEVAe6vRp4-UCt9yiBPRQPrKQBWCyXg-J5wM6_iRqZemuWlLP5Gx90s-N0iRhf_W1kIT2r5PfG30RCPzPcQb9B31z5f8klTWWW8RyZ4HKjZYAf9-EnwidnladMTwvU1CdyCGezAuHZZ_M3KHZJkDTLBlGKw0vZqW1tM8qTonyjY2zHj6kcXUz2z5Gd8QFvQK701umpCG2QG_DiWOft4f-SJaX9fn1lGpd51NR7hXiaCfkFUvT9qqUEEpbxAtuID1An2qrBunEqYVt2XiMNqm60M5voaj7rHXCpRF4JWH3db_XvZrs4W0j0VVLiwJhJtZcfmFsRfFvL7rDaRxvBPhkj0wdg8nq6DKoUKWw1qmNW3JbY7fvzv8QQDPJ15xzdANpJwqgVm33cLOykF9f8APWWVOhT9v_Ip2Hqr10MSLNbrckBFkgrJPv4JCfCEieVeS_Zp-P_kz_uEeQ3NxFGE0w2P7lPDnvQZtf9z0mBf8zp9qOvhXO-qt0fxbYYnvBK_ZVlYb_TeSIlC5I1qBOkaVSmCz-zQ4TqJJJ6zIyF9AI0qb8CmLXGluqGDjEnQMTZy64MnpBeVZSSS1wM1JI86FzvrlhuyWblC8jpuCDzWUB1mav2eW1Tir3lUBkH_Izj-ac0QKd3ZTn2WcC8ytI2MgeXbme3kqnJ1qgREqcqoGAEcJ8AIQFvpe6eUQVW7TDxO1WYBnq7_1AfQSsKwd5k4E2uawt7p3sqgW9CVy5msPGEZnd4_oRGGzvILP6cO7zsw-nZsgkfLK12xzKr8TFD98-KanzK4YhFORPg9HPrFp_OyxrFceOEOP7uwJDyX8B1H-WAnu9CxDvszXcg3TafxME_8zANjvh1vX2ExNgEKwZmdBZ1e1z0i7E-nrO7TfWGGmwuMEnJS19u9VwIp0De9noTUDqS24sR0xR6zI-Ao_sTaLdt_Xm8xec-0_GdczE3qS2scanQSxlgke53ptULyVwd-WftaIo7seUJzi_17d6h401ic3Yx8kPX2dasUwKdJP37ct8Jr4LmiNzFGkQvqb3BxSPz4B6S_xSghHUa4PKfSiP70yVu0XhPv0GDrgr8s36jOh7wfS-e7PSBdSifqAdRR-v0uvnBeAFqf1mmXb59iJmbKIWgSSVpuPt4emB5TnFqPXYCnCKbi3MiWGhsAfs8f8KB05Y4VNMcFYKMIw64QK0DMxXbkdgqkHSBypC3wrZ3JF187SsD_4a6GH6eMrvBEI2OFQC7v4s2wWBbtxJgn49yZxg2uTBn-dikIeoMJklUcYByUbJvzH3m3lCApQVAFTgvotk_WozyaaI8JOT2U5_Mh4QVmYmAScYadgyMlYy9Xpj5VPy-OwR3L_Fu9MMZ2aDoCAb_dkyGuQFHEXL2t6kC8Uue1X5pbgxXheGjXM0bDe3vPUoz84Q6mWQF1sHVCr8cQOXp-LtlNwizSQaITdnkdPC3eDP43noKkllBnYIUt8TSQER7B26egT2DKPZbkj1uAvJiqG8qWNF7K-5wJ8_0JiC2PpfEsoccMYSJY6LFJ9ty2UIKlfhPOII7I8TOqgL5y6n5h574giv-QHcNRgvNSLuDp0aqj_xoVscAhl1hsN3CpXm-wiCmWZVZhiAJp-FzKqGF59qC_KlJ3IfQFcirxIKkeAFm4Wr8YO5Cz5PplAaiWPOfo-0yUy7G4CbVududCmHs1Tl1q4xeeUPC8IPi2eByP4rRMnGLYF4OFMKcJMhJU5yO8oLJ7SNxg9K7blMgHf8b19ueLAI8F0bTsROkhQ5iuYA_y1UEXHU9q8qTE7HMzbQG-je72iBRPCTmIMUZEHyOMy4pa3gR-qnH566x704LXUzEHQHi3kaKaglYNRX8UkRrK1pBUKYcXMWogijDnlumfHhgYEFWZLRCHozVUbZQlL058yRXJi4PtruAm_LkD1yFN8ttEZz00DyOnAIHPxzYzWXAjOR3jvb_qBSIosxhyo&cid=CAASKORoLzcL7KCw13KSBPn-uSFItAQVaA27499gzicvZM4JlezqNldeV88&rfl=1%2Chttps%253A%252F%252Fgrand.online%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:07:52 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 487B 27 KB
10 KB 117ms
44ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10463
x-xss-protection: 0
server: cafe
etag: 17671883673189222985
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:11:09 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
321 B 130ms
44ms XHR
text/plain 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://grand.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://grand.online
date: Fri, 20 May 2022 10:12:29 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3D95 170 KB
59 KB 147ms
83ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
Origin: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 02:50:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26497
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 May 2022 02:50:53 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 3D95 8 KB
3 KB 111ms
55ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cl-bUeWifl3weUkaNoGEthI6Yp_eul_HBBGIyiQkVWyc9iWa543tGpEZrsHBVJDq7VMpgw65RXnjDDfbK7ULxyvpyD4e_SG-VHOo0MXAMUDpjxeN7zOO8TqzpZvaUz4OucYQczA_wtGFryVSAn26XL5O-aVQ&dbm_d=AKAmf-BqCjdg0ojo8-TEoyD9Ly_g3pklR6fkfWMrfQW_hMZyI21Ly1c0cAblDhEG6QejT4zYacfy7lOt5lmEAByPrVVp0UAAGkYd26kP4ujo-2yPW2mdSjG8rsYB2UYqFiSUxO9Vt4hjWSk5L4yC_ds1e-0UjXaMWW1zqzQC8dygUaT2U82923VjlG-48S7gww4Gf6XQfowvTaFkrPR5DE3nR4bQU9UJCw2f_ueRwu4RKeVP9B8ygEmatLtZBacSdUWxQYNWOnwNQZc-45bpHbJSemSU6YqsJVp5ngyDQY_LYK6LaXDKB1m0DtqAaUNgyZRtK3MDzJaQor3GyEy-BWc-K8Mt4Lpj-8JN_RobpPUiA3_kot29I8iv5vNrcCBJm60jBVY60qEaviiJtzAl1hA-J0TN9OFQECL0LCW0J4emCb7pFVl-gHjqYVK8XG4HpVmTq0CbyMPzh2M430-TGru2G77bIt87EnZb9cc8FxqXoMnRgGZR1uvMdJ1jMrAUh2kRU87S-NRLQObCeoM32NJQ1FvVbhyH56LSDw5jiILXT3BQHtVDz3C1v6MLlLK5M97iWfWtG8AiYlI1LAtMDRQ1nfjWE8PaqIus-_du3CF801InbfzXFH7mZNHBaBs3RCsXCtsuza-po9hywnRkO0eO1Lov_Wg2QSmu5Gdc0aEVgolb1RelWe5cmu30KFd3b_bG90cnxzDjvtck6E8q-CpNB7lCTzNswQfQTXik2awVIqB3mlNvrgDQOA0Mx7TtUZr_k9YkpnSVqFgo8ueLkKRIccky8Kyp-Tw-Vs44tkY0f5J8wxE77nVEf-gfhKMsTGqyTpzVbrszKAPq88nHpAC5aAtiPMQpNLt0VLGWoUwHjTnXR84eqLetKzfMQMWJtmIrObn3kwo2KYp1-zb_Qtbuo4lfFdx2J2lTanMfZbHAZOfIee8tf38_UWAUbRr5yZseF8bQLLBp2Ql0gb74oiMeFqXPUwiwhSKmz6dTkG59WVzwEaxCo03_LOTqM344FnICfeim3MtSZzkTGFp7EGVv3LljahtK4JTL1TLHKhrO_YBZH90tccdyFTsnRzSZ52gtz8a4i_tntaBZGBeUllgb274r99pel2JYaQTOxWEiNxyjgjE3E3mxtCvELF8efyNCFyLlvAnqUnoRCgO1FT0UZsZTBrNMM-0TpJ7dIjK4ADrCWUjfyKkrNDrPsfgzBDFC2GT1gExlzYnk8sgeppPB9FwChKNfNjRA2QEM6YRAHjBF5osV1ZmGXupAp5rYKSU2aY1eWvndd-fpZhk2yAdhx8k-dZQgq6V7zRKYIGSjj37ijEZUiXqlqHRn5GzcuWZvBT9DrVoc5BVUswUVgwmB_N_o3oy6T46zAOj4CitvGrOER4e7eDiCEAkjBoRe_94E8xwxSU5a-B8eJShauI7KzQaBHGhuZHaSjNj8cHXjCOkHtUMuBsNrZZbeGuHp-fW11AL8rAvznU4i-ubtAlrBan-3z9tGMBNxnavwsgMacKbhvImnsn65KANcRc7gjIK9EFR4zZi_mmWteeNBpBgSOtZhonYNghbInhzCf6CpJRagEaqEn0it2_3avSSuChZMoN-UFsJTY_vxffsDuR45y6oeGyiUc5TVKXV1mI32ZNNZI1yg3Puj7-WjS9OIz8qjfhWhz2a9Is3MWdJaqWy14P74yLQ2wIwwuPHU7fLcg5Fb4fMSU-xDhfOYrKi3MZJzovjDB82yx1cuHFz53EKAIZOEjYdkwtBS4QHuCJOv2MKa-KhcugUajvVP_m31fRo-zXC2HLQJXz6B__y-17l2aacCG8C-7u6cthdsxtuSOjaK_xg1-w24W4ECx26xKDqCyH1sq0fZOxGujJbmAxq7iFBEst7c3ddYWq8j9n9oeGHxmLtvg1Q58rNvbEDhomxcejxLdIVhHo5rGTLlSUKequvR4Y7njiW5X_pYk51vrK0IoBt8YoNxre9Pf7gkEPe65DTtZKN4SQARQrJ7omPJnqNPHQTUOuj2aMsw14ClmYWKLhNHl_UV-aBXQjQf9OH43WKnG5GmYWSBQFT0gjOx08b2Qqqx2lUEhsWEUZkQPYHv1kbAAuS-GX6NNo5UnHSvl-odTPMjb605OUPGpAN_1AHI6gEYIEFgWFmD1UeM49SVmzH-xs-vWbi8-wYgdaRPZG1MH-geJIzrpCOgq3ar6YpY7jvrBMZOC1lvjvHux62-C-Za0z9rA4pFIE4N_OEpsefq_Uz1Vsl6HNTiQj4pPL-gWqaFC1ivRxl6oxCR8qQAn7XyiTXdvAPR7VVsii-iuEJPJfcrSQekBF7bmF085-goBkNydJWVx2VUcSfuTVlIagZ_i7W97G-iqte_69sPizzGAKx7uh8MH_NclhdjGsa6K7jrF0LSTAuthtcX79bMoka1AoYMkm4KNYZC4_cSfvmqMfzzNswFyHjt3tlf1EKt7mxzi01VP4de-snnQzd-CYrz44Nv3riVcAKImrEMp51zapcKE5B3h-zlhGEqwIrc_9m2XgzVWEX0SkRa10ynlsE2JSV1ZNizcQuI6BBKOWsK-XTzTRtazCQyV8iD-E-91LHbILOk54CbRPgyv3ClyaSPzRP9AcaEqAMu9R_ox8H1umMc9SYlshnND5-isJIYTq4HFM0p1L1MRKkQGhXiHZy6kj7wA9YDYSwW0765_EcT09etZspbL0BRw9BmPUKB4BqD_6gBXKmdo6SsmlVdtSaGGNkjkVexGMoIatFFVD6Ua29AtA0hd2lAI785yowwsurhvexJxDQdUN8oRI_NqmAErlO-aso_Oc5wvPeBD4U-Nj1l6UrVMchognnIXvyBo0T8xSUlwnxrBo8eNNBI7y-cfIDA_e1PjvtD4x6gkgj7oxklBE2YboDPv6w4ezmDmsGAFZWYHqG2BLGj84f104blZZfiO2aQUxtq5phgv56TxDBRcDmi8BB63iD_LC2vgWaSgMrrBZ9NlGuza46D-neJBVQKb1pTIAlWNGBpmuHwxlsDzQdq4Lk1Z9NwFkcKa1CVvh1_WSEZ0JfMdi2wT-7F-hLcd8Ir7iwYyCCvt9b7Pr8FmNsMk194ZoIPFaRQO9mWmIHBFpqPRYS19bpjwEde4VFb1hOP7nckw9Mls3tymFnY&cid=CAASKORoajag453uAV4O28qQoamQn9tO1kquyrD6JpKm1MKyLlsonsWlf6k&rfl=1%2Chttps%253A%252F%252Fgrand.online%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:07:52 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 3D95 27 KB
10 KB 91ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10463
x-xss-protection: 0
server: cafe
etag: 17671883673189222985
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 10:11:09 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 73C0
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=grand.online&sn=ChromeSyncframe&so=0&topUrl=grand.online&cw=1&lsw=1&topicsavail=0
https://mug.criteo.com/sid?cpp=1_4g8Xxwc3EzbjRSWWRNVU01QzNXYkxZbm9XWjFFeVd2alNWYlI4cHc3S1JldmM0eDhNbjFPb0ZkbG9DZGwyMWpVVFF3d3F3MFRVWGZlL0EwZlhnOHIrbjNRdkNsVlo5R0RhOWlNVSswTllBdkdQVXladmxsbjdsbUYveU...

436 B
640 B

125ms
41ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=1_4g8Xxwc3EzbjRSWWRNVU01QzNXYkxZbm9XWjFFeVd2alNWYlI4cHc3S1JldmM0eDhNbjFPb0ZkbG9DZGwyMWpVVFF3d3F3MFRVWGZlL0EwZlhnOHIrbjNRdkNsVlo5R0RhOWlNVSswTllBdkdQVXladmxsbjdsbUYveUhqUmhRL3VObWxCakxZY1dlUENKdWE2MkNoTkRDUlFkR01ESVVsKzQxamd6ODVEUGl2T2FldEJMeWl1ZWxwbGs1bHNXMEQyVVlwUTY4UThBcW1Pczk0ZWFSVnAzbGdkdXN2Z3lhUC91anFVcHRLYVRkYUVlTUlyS1RSVEx3V0tBa2hEUFZ1NTEzL0lhYUluS0lqSVVUMTFGck4rUkUwdz09fA&cppv=2

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b30834983802017e7ed429dea80e449a3dafb04f9aa100f6b5a9e6a19ae8e1f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4963
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:29 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=1_4g8Xxwc3EzbjRSWWRNVU01QzNXYkxZbm9XWjFFeVd2alNWYlI4cHc3S1JldmM0eDhNbjFPb0ZkbG9DZGwyMWpVVFF3d3F3MFRVWGZlL0EwZlhnOHIrbjNRdkNsVlo5R0RhOWlNVSswTllBdkdQVXladmxsbjdsbUYveUhqUmhRL3VObWxCakxZY1dlUENKdWE2MkNoTkRDUlFkR01ESVVsKzQxamd6ODVEUGl2T2FldEJMeWl1ZWxwbGs1bHNXMEQyVVlwUTY4UThBcW1Pczk0ZWFSVnAzbGdkdXN2Z3lhUC91anFVcHRLYVRkYUVlTUlyS1RSVEx3V0tBa2hEUFZ1NTEzL0lhYUluS0lqSVVUMTFGck4rUkUwdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1094
content-length: 541
expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 3C05 0
327 B 163ms
68ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l3ea9bh8&c=8656233477000&slotId=4328116738500&qqid=CKnF5dLr7fcCFSjruwgdLCEDVw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C05 9 KB
9 KB 56ms
55ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 19:36:30 GMT
x-content-type-options: nosniff
age: 311760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 19:36:30 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C05 15 KB
16 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:29:20 GMT
x-content-type-options: nosniff
age: 337390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:29:20 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C05 15 KB
15 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 313475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 19:07:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C05 0
20 B 75ms
71ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ceq82jWmHYunKFqjW7_UPrMKMuAWz4_uNateKiIO7EOSCu_uaAhABINnpz3tglYKAgJgHoAGX_pvwAsgBBakCV9Qjr1W9sT6oAwHIA5sEqgSiAk_Qk8TIAQ2UZ1n7gEJEVOHvqczYfEF7WdQxaAK6TW7Mo6rlh9BSGBnOtsYtMSFHVHmza_zbKlF6SRzRPhyVcvKPKRKtFy9Bo5c87vgzAmS739xQettFdMnmzof9ENutMs9RB3mMnVYYzfZFnPilPlo1Jsw8S7W4m3O3JtWcnVvFZQz4d8Z_gu9juKlMLY9c0rsoqFB1tAeooais6jdtPbi4o6QX0F3f-z76Rqiw6ouy5_s1PVHFL_ZOFkV0jDsDrIDFrZCHGULr3UXTsQTV6ApsCpfHKS9Dy5K-1llot33m1ON8H1H9H9223DCeke6JWU2q2H4HlT9ifGgtK8-AcudfkcaukI98Ga_7DFLnO-BQUxrgTMKsY0v5vbAKlNWrqwk_wASM8sCv-gPgBAOQBgGgBnaAB9GB5I8BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDyAsB4AsBgAwBsBPOtY8PyBP1-OLfA9gTCogUAtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1653041550438&ai=Ceq82jWmHYunKFqjW7_UPrMKMuAWz4_uNateKiIO7EOSCu_uaAhABINnpz3tglYKAgJgHoAGX_pvwAsgBBakCV9Qjr1W9sT6oAwHIA5sEqgSiAk_Qk8TIAQ2UZ1n7gEJEVOHvqczYfEF7WdQxaAK6TW7Mo6rlh9BSGBnOtsYtMSFHVHmza_zbKlF6SRzRPhyVcvKPKRKtFy9Bo5c87vgzAmS739xQettFdMnmzof9ENutMs9RB3mMnVYYzfZFnPilPlo1Jsw8S7W4m3O3JtWcnVvFZQz4d8Z_gu9juKlMLY9c0rsoqFB1tAeooais6jdtPbi4o6QX0F3f-z76Rqiw6ouy5_s1PVHFL_ZOFkV0jDsDrIDFrZCHGULr3UXTsQTV6ApsCpfHKS9Dy5K-1llot33m1ON8H1H9H9223DCeke6JWU2q2H4HlT9ifGgtK8-AcudfkcaukI98Ga_7DFLnO-BQUxrgTMKsY0v5vbAKlNWrqwk_wASM8sCv-gPgBAOQBgGgBnaAB9GB5I8BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDyAsB4AsBgAwBsBPOtY8PyBP1-OLfA9gTCogUAtgUAdAVAfgWAYAXAQ

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 3C05 29 KB
16 KB 186ms
78ms XHR
text/xml 74.125.133.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Av6JcK1M7Kk9hixnjgFcOgQM9MyYycVdj6lrw47Ph9jnxC2erTzAMAl8UiN634s_BnEe4FhGGmUjL8wT8X2-rMtJGV3Q&cry=1&dbm_d=AKAmf-DHSUg4lQ6E31R0ZOZU3wq4lh8nPen2XLDdKB17_QWpcT30BKy8EsJV-O6FxUOVlqbNTOLyW9ch18RKgriNhHALJwGJo391ZqNUeSVylgwxFyd7QRxhBAi9Q5OEjSWuIEiYgA7mitjVD6Aa_JAr3Q6imVtAalmTAWXbYMbUuuU3-zbwpBXRQMF7QoiY81lEAgpwAvtJ3M5nxCF0BXilZWucltbvDi1ZPvIJiLFcCsNUHEtT3okyiL-neMHSy2vC0Te64T0Qn3GuaEm73ZrrgHigk0AKe-yFC_lR-t1ZUeKTC704Iod_jrzXx3k7UVJ_IvR_5jAXvTxEZZGAG9baehBvzs_B7dW7cN9-I07T-ayM6ywtA6OCl734CN3AQn1H1D5Q-O9itJDEAbPvpZsA34VtX6t9BVwLcTc75DVL4LJ1_HInsjeYDf-KdeakkW4wAX0c4RTCN-kp6wu69OxfzFTUnxbfsqkqWlEhuYplwlB-gbhK9Zm9XVZOZPprmAArR6dOHFzisPqVQ9FhGqJiB6GwqGTWWs-xQFL6SwfML9XMADtSxb4F0w9rrmWRlTY2BxZzpFh8wUDvYT3jS8rCTU9EpXWHQkAmsGqpX6DbIntMYL3RWoj4zZkQnRDnUDJ_mGQpy0EnUpHcmxogTkmeM6eMFS_2yUE3gya3bg218g-9aWdAnvi03J6g9tBBgbLjXCozAjUaq4cEXsAybj7RewhqlGLQh0Zlhp9MCchZ-tss66nbvcY2urOqnheqKL987WXy9ItB2cxsbUw5m2VFo-8N0WdALJ1jLbUI5VkwkpdUG4psT081h9okB0sO7s7Dt_U0x41dmdi6DwugOE_yVugp7AQ6A5eMaI94jalzpApPPEB6f-Es3h3niCy_6bWRin-RUZxFpCFeb_c1kvq1bI5v2rxAg1dVZimiwmY0y2gvdB1oHFhB9p0XHmNweXc8GV_ptZ8ajTDF2htmTZrdA9QRT5m3maAj0veJhgIV95op2pJPAwu6-rdXyXD3oeKs9yIbKQkIJik584Kwgtd5_hrBsf5CmYlbJEnazPNXKiDqqjsio2h90GC2X5U0Q1RzWCT0SWjogOwv0FIm8r7Lb5hdl9fdDW5LKu8hazDSVIrymrPmzQoMgqMdfwSG5Igj8N9ABl_99eeAk7VzvreScZR8q7t1gR3uBWNWekBQG85nKlnbUrICHA7aNo6s8H1kp-YmKYSgLDFWmL0kriMjfswUPZ5CIvPigZxa_RIm5KdVx8j1c_5DsoU6C73uLY7TSxMOq7iyeIf_ubJRYhk2VDlp5YgLvFj1nwn9KqUB_Yaa3TQpYl_cvjmptL6asHlWMKpe4yFG1P5VeOUM2iNvOOQomaoZtagZBrTsY2XQZXJHFdGAM_92KxmOvn0yR0gAjQluyn0tFz19aW9K__X6xMKCsKpicqwMCyUI4cNGCCfCVfRuxGNyjdj4nnpdBPX5b-2DUgL6UVOtxj1w2JzIW1Tjzfne6i8fmCjqESypCs2AAEnaNYf_Xgr2nWmEH1g-1AIgTyKyAJOM4kyD8573xkh66ZKRSavSbPlUfAXLeSMXFzmu5mj3KrSr0YzvI2VfgyR28I_7EnsF2_AbayBc5xR7sa-byCWIJTTiEFZsPbjpuijODk5_KQbg5DmIR3RomHd8zB0Hx8AzTlPlH1TwLWVWCmJoXHZ0VU8VcbcY-1zqgpB00h2JH6t6SoM5TH76Y4cRDhxgi_QaSezjZwxzUs_IlL6I1XvvmWCXTul2VnArfg4oYautOMjlcSEj0yTLWWIiDzc8y41teADKxBXT1HLKhuxVykMID6Z5gdFzNfmC9uP13B8nRq1kvTk8I2tife14-A79iQZlUDUM6BSV1GTm4l1rsvfVbkK4u6inX9arZzISGXWNxkpFYQFNOfbAHtGVgwotjNh5cgnzRG8zDkfbIIBv9uIpAbEM5-Jnuc4MtEKY1pMQquW8wOGRICbZtbN4IRV3geX4oEc8bXo6hJ0WY1_2C2_PpEiAMdOwxtgxw5uX9tEhucQ0h5Sf6LfCVsUrwHUxRcrQn-QecSCvF6EsmAUNzX1UbRYkb5xl9NR31UjuyayTxH7PNTvCYZqeo3o6_PDggRsmWT2kiE8cfj5-CIM65cdGoCdYgA6jWRewprOlhNPVFo22fAAWnTe858EmzgldlW6o8NxWdNIpXz8tlqMuwaMzAfbfSyyKooa3oXsYbFtXxrj0LhPmcF9B7xuSV8Wl-fakDdzs3CS4T30348J99JAB7UJR0BhMtU4tUqT65oxjLTe_dvwvNp5tPN15JWFSFCLSsVErvH7XTipv0XSS3mecDJ5Zm04HQgFUeOrcocr5eYhbAJF64u76ap5XdlJ8iKbhExNQs9bF_xKww76n44OAogJWvDWo3OmoOUoHTGuD0_UqO_x4oOd44M71s0ebLFRB9MJAlosjbYvUq-3l2v353brDnv7S4SbrpfqHDwTfnzDdXs-JFe7T13dO4O1T019aDs4XQyl9D3nRhS9FbhyyW-XeoYHPjbjgsW2AnLg9bQYsdxVVVv8zBeEk4Ltt0UcgRyvBo6EwCmOGUvf_6aPT5FTAKWBh7foY73zotiVuRif91Ia1CZpqnL9NrW0maYr8A73qF5AGF1Bj7psDZRn4u-AWv9newAV7SrPmYSA2FQ12M8VmPtoPO6YeAStx0XOhvRvJqHVAo1fwQ-0mFKkzgsb2W1b_duk5Ja9GarrtLsrUEvBgSiX-SVdki36hkP4MSGUmhDq0N8o_HDPByQD3q6Mx3Nc9F9QbkK7_lf1HGqJ_DTLj7JhrPMJjlDhATT1BrNIayywd1Gv_aR_W8Kb1aWZviMia0SD-5kGV1nkLsCWM4pg_Qx4OiQbNXUAsY6Wtr03kh--UM5Qu417QPYpF5Lj2z2lpSCfx_Gid5ZRVT5TAq3KR3VZG8j9303j5mBn0fpb3u6VY0WDBODoaPZe4etVmsSs5wtojr8n7uYYpQwsYfKf6jo05zghgjPnoD1xTvzQvO_Kl9Bf3oFwNS18lgR7vnOcTuV8JMLrwjEBLA4FpID2tbG53ptM0W4GWmHBRMjC6hUJo9AAnsKX9Yt3W5EzYGze4s9_NOWdMCfvadl08MIWq4qgk-gtg9tnkzB2D4SLYbrl4yRE-XK3T-TxjdH6_-_s8IxOGBtdFnYbc67LpJm0xQSKehyNsWG1ftuczEMpJkpJDw1YwZ4_cpmdzsrY7wlZgjpeEgeJGQf055S_SQKylmhTTsWGjHEBim2aV-rX5fPLipUKR48m-E-R84zOzvADANzF45WSKHAHn9X-eR3MurLwG5SFHjxvA4Z2byXLn7q5lqYXJ1yN0gWa2SII9iRnY1x-eSrpyOypM22V38kV8VjphcQqQS8AFc6dKEc3ekQ8a12mlK6PZ_xA0BLZhy-Llzp8AfJZQXVUAYcugha9X7AYTCunKsMBMSTTXgkRZwSXeLm8X7pQZofg5vwlybVA_TPtuaUhmhsOK6nN5PQMRcyjJ76o8TP_Z476XZRQDhK1uv5HzkjF3jPV88tDSwWBJBl4qFLb7F3m_jYJlqTdnniKyHwnfvOZ6AeqtYHNQ8sYk0KM1yCmlt1XDlwxVS8QklZKNFFtILAvyBa4EpS0Oscdi1nvC7x_-WvvCgnFy-5zHfWQA_igNsYaQsqIvfqYRzj7aN_zAgdvVesFufHbdPC4q1Odp8o1zP-Bc6e4lHKSOxOBkJZTBzzYVM3M0leClANvzS8RV8eMa-gcHk33AZ3hzVb_Pm_Vul5lIyW7aYpYjqJHBT1x7uoDiSuAR-k9aB-DpXv6fOn4aD7TuApkYR80U2wDvOeAM6xPBQwURnQXx_-AOgsP2YO7NU-gRNwvhnmPOA5LBB1XPCFxy6DI7dQhzsCjtXq0C&cid=CAASKORoiMbfnM7_5ROcqh6X7J5ZPlKBf0LfoQf4dEgWAqHBbn8EuujLzco&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f154.1e100.net

Software

cafe /

Resource Hash

819f93b84beb4cdac19ec3e8cfe9baba1c863d9221ff0c26457eb7a34d779569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15768
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3C05 0
0 75ms
75ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBKrBjWmHYunKFqjW7_UPrMKMuAWz4_uNateKiIO7EOSCu_uaAhABINnpz3tglYKAgJgHoAGX_pvwAsgBBakCV9Qjr1W9sT6oAwGqBKMCT9CTxMgBDZRnWfuAQkRU4e-pzNh8QXtZ1DFoArpNbsyjquWH0FIYGc62xi0xIUdUebNr_NsqUXpJHNE-HJVy8o8JEhDUlUVnVdpd19znYV-NbAQHjPcSvObOvfcQ2zbbJLQmZIx7XO2OA04UeFU9J_YjzLCfQLsdKz2l3xAd2zBmBvt3xoqBGmC4qbksel_Sud2rpXa1B12iYajrxaAWidroySBIE43_HnpP1qp6EvBV6uiK0HVx5k5WT0yMz6cNgcAXrjcYw8zQRUWpOesIDHfv9VGzFcaPJNrbQNd1o_3jfaDL7nS24StHoKarMsQXOBvDlhaJNZtql25K629M3W-zxqWDf20FpQI4cOc39LcQe8Sj9o5jRe95_UThZDAwvoqpwASM8sCv-gPgBAOIBe2w9Ls-kgUGCAMQARgBkgUGCBsQAhgBkgUNCCIQAxgBSI3StwFQAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH0YHkjwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDSrhYYuY7byQHSCAkIiOGAEBABGB2ACgPICwGwE861jw_IE_X44t8D2BMKiBQC2BQB0BUBgBcBshceChwIABIUcHViLTU4NDU2ODUzODA5Nzk5MzYYpcN0&sigh=2_MkwikoJh4&uach_m=[UACH]&cid=CAQSPwCNIrLM4tYUE9P8wv8vqZ_SMhn782O3oi5TJ5M_fcmQhIZnMJUb5-5BILRdKVeLlXF07Sx69vrWE_g7p8vQYw&vt=10
Requested by: Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 3C05 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0197c87f510903f431ae77f6d78c41e432c6cb763267be5c2bc57987c4876d02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 mDq0f2QLj17.css
static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/ Frame FEA9 18 KB
5 KB 116ms
37ms Stylesheet
text/css 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/mDq0f2QLj17.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZvezdeGrandaPrva&tabs=timeline&width=300&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=534904083375143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ccde1fd7072ebe8f8a5b3da6f2027ab1e4939ec932b1bb2e201eab4e300e9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8RzXil7hp8+O6twJy5Wz5A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 4682
x-fb-rlafr: 0
x-fb-debug: CkRxyl+CYYogoBkQQY817OC39u4PvNEbcc/MwDfmkGSsp1Z//nfNgioX9MoALAEAaM4y2zNLLOK73+TVENWPBg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 07 May 2023 15:12:28 GMT

GET
H2 200 FPdNN1TK3wJ.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame FEA9 2 KB
1023 B 116ms
38ms Stylesheet
text/css 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df54910144f36c8adaea680ebf82cd4f3a39147edaa8eb4a2650b2996da8acf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XpWPuiqLnlvq4xkatdITVw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 831
x-fb-rlafr: 0
x-fb-debug: 5x3GeMPN3hTZZZlgzW9zI/jaeMfM3Hp1cV9/gWVdfePYS3Y/thkiroMZ3kcdW/AJl6Lz3kc8vHEOPc+XAK34jw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 12 May 2023 00:30:12 GMT

GET
H2 200 2Wrb3kFIcuy.css
static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/ Frame FEA9 32 KB
6 KB 116ms
38ms Stylesheet
text/css 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/2Wrb3kFIcuy.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c68f78ab5b36309b244041c15ef4163aac66ede31ee53b2d4271b1f7aae1a6cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LmKg6bAj5CVq6/oKWEfMNQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 6321
x-fb-rlafr: 0
x-fb-debug: 0W9IdPPng2wquu5HB3hjN9vrKxp3Fy5lRa7IeKTjbPBXPd8JYFdYzGEk+KxWWS3W5NOgTtj8e0G71u5+0mB07g==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 06 May 2023 19:54:21 GMT

GET
H2 200 bxUwLsrSn4H.css
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/ Frame FEA9 15 KB
4 KB 116ms
38ms Stylesheet
text/css 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/bxUwLsrSn4H.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e01570cd0dcec12d3e99aac52579c3692dff5ede51ae1e59e8b74be4635df724

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7e74Wrn+jqFc4bM9YuGypw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 3967
x-fb-rlafr: 0
x-fb-debug: 9UPGwIxSmuaPXVUqfXIKRL/0I66rawjqgmVajHpTJ8O7+B65ewlT9xRIsB8fLgnGuwpy2/J7E/7fiuOBpqGCTA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 18 May 2023 22:47:09 GMT

GET
H2 200 1Tnu_xZm4wj.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame FEA9 309 KB
83 KB 116ms
38ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/1Tnu_xZm4wj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2365f7ef55dcbcff9e4b0771fc4ffc75da34670e82ce61a5fadb8cdff842728b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /mULUP7SJDzYwpnrauw0IA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85017
x-fb-rlafr: 0
x-fb-debug: QobXRc16GlFQNi+T2l1fy4JzeoKpOLJxY1pxkhZcJBcZZx02MI70ay9u4CXDeMjy0s5pRF8bzCiZSPM/Qxyb1w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 19 May 2023 23:30:37 GMT

GET
H2 200 D3lVAj_CJKE.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame FEA9 42 KB
14 KB 116ms
39ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/D3lVAj_CJKE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44815625f70f2d49317fe2e9f5adea7a8abdfec786db30bfeb64558c22feb5a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: OgnQlbqKwLpIWZqsF+TgHQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 13718
x-fb-rlafr: 0
x-fb-debug: QE6/ZrgZJWkxxBC82uXaO60h3YrU6oZd97qseJ6iKfUQ308H7+Q9mFfpceIvzztuyKU2Qy8xIeKkALOwuyy8Rw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 13 May 2023 16:42:16 GMT

GET
H2 200 9F3iVzts7-R.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame FEA9 49 KB
15 KB 190ms
112ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/9F3iVzts7-R.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e7afe3b38b16d5501c6adb1bba7c45ad58f4ede46d86b6945b228ef270685f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: bPQCFc580Q/AcQnFoPUzkQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 15571
x-fb-rlafr: 0
x-fb-debug: VRNIQHSvNBSRJx29UB2dFgIuUVATEzcmSUM36M8YgzrCSfSgq/Pd5vEtK8Fhy+rg/50kIeRw98wiOjrW4iZa3A==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 19 May 2023 12:11:23 GMT

GET
H2 200 AQZoIMafp7s.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame FEA9 27 KB
9 KB 189ms
112ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/AQZoIMafp7s.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

228b816e3546e7e41a6c9e1c1ae1df62f8cb75b205335729b25e77d5b7447940

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yD61lWkdv4BmfA9k2RlyJg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 8543
x-fb-rlafr: 0
x-fb-debug: aSFen5M3pOB2PRWwuCcMSe5Ed76KKluK5W38tLbXEzRIitwRJ6lS7H7hmQCwgkz1Du2mVr/CVU8IQUZJhyETNg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 19 May 2023 16:19:00 GMT

GET
H2 200 XVp1tAmObsd.js Show response
static.xx.fbcdn.net/rsrc.php/v3i2aq4/yK/l/de_DE/ Frame FEA9 195 KB
56 KB 192ms
115ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i2aq4/yK/l/de_DE/XVp1tAmObsd.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f257edabe410880b910383367d37185d0060cf85aa5db2a9b37a67e314c2b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2kpPxNpRrFzZdAEcSKBciQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 57518
x-fb-rlafr: 0
x-fb-debug: ZE8J1hKRd9b4L7fk5EgMgm/RGQwbcJSgj5uL+56zzRa2OOaRHMp3jBUMBT0kI2EgyB2hsNDzwGjJGThgBXkPFQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 18 May 2023 22:22:38 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame FEA9 5 KB
2 KB 191ms
114ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1657
x-fb-rlafr: 0
x-fb-debug: ejtJ9axYGay1v/bN44h6FeL5dU7tN4OXwolQwZyQqmPyPPPTITTjUnFz+gzDKY9NYmP+yuVwjIX7S4RLS/LYKw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 07 May 2023 00:03:33 GMT

GET
H2 200 BtCgZXLQzzQ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yU/l/de_DE/ Frame FEA9 82 KB
23 KB 192ms
116ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yU/l/de_DE/BtCgZXLQzzQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8cc1b6b96568166a18a44577d3b7bb25fda69efcae8249a2ae10c7c96580079

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Ctwe2vVrlA1ckh10RQBmtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 22962
x-fb-rlafr: 0
x-fb-debug: +wGhlPlo+PVpYe0v7y8Zyo1WYPkP5IV6iyepI3vg4RueZ7otV2OsaabiXaLx/dx8W4f7hOS7PWI4sC92yCd/eg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 11 May 2023 03:47:28 GMT

GET
H2 200 XSIH0SWqDEY.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame FEA9 21 KB
7 KB 191ms
115ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/XSIH0SWqDEY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1c8ee67c6c8104fb420447f3d36a1217e0753259119e6b0f65b11d62b40d634e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: AwtG79Bq83OcuHbXxj5SPA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7058
x-fb-rlafr: 0
x-fb-debug: IX6bzjNRLS05YwzcS6LjKisy8ekTH7O5OLIsyMSE91XCLx4rXN9KZV5XOh3npMaxqyH4rKCB137DNLq1Zgsm4Q==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 19 May 2023 00:10:17 GMT

GET
H2 200 2N_v-1x4LuB.js Show response
static.xx.fbcdn.net/rsrc.php/v3iDKa4/yy/l/de_DE/ Frame FEA9 247 KB
57 KB 192ms
115ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iDKa4/yy/l/de_DE/2N_v-1x4LuB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c90c8315404fb49e4bb73e260db7ab396eb1170f331f18222c19292d72424b6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Ue+z1hGhR211dt+vuwf5ww==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 58579
x-fb-rlafr: 0
x-fb-debug: 1+sExnoVkEcfw2xY7YFFIILnu7uqdc4SUOCFs5yf/+W6FTGyhG5bkYn9j9ZXD+osRnQ/QNv8YzKWAj6+C3fkFw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 19 May 2023 12:08:04 GMT

GET
H2 200 9lbv37vhJ9P.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame FEA9 2 KB
1 KB 191ms
115ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/9lbv37vhJ9P.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc0c25caedac0b14b6d0ad1365d4a23429d1d783be546c775d406e761fd14320

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4PNZ35vuu4ijIB10RCG+5A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1076
x-fb-rlafr: 0
x-fb-debug: zjqR3WM4NtvMrIr2ZMrTldTZumX2PqPFNl9+JGdQvXrqylceP/WyWK6EpZyQhwQZnlHtQvwmc5UUdgPQVdzhcQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 16 May 2023 15:27:27 GMT

GET
H2 200 RojAvN2Poq8.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame FEA9 70 KB
19 KB 190ms
114ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/RojAvN2Poq8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d880e63c31985db774019cf0f0673c7b0d6dda6ec7a20d2f8c8f33bf5227850

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q3+dnSvqDfgXFGFxyxtB+g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 19149
x-fb-rlafr: 0
x-fb-debug: 45m7WaaMA7+FZ4MJt26VzyUNIe9zX4eOF+IoM9ZSIlX7G7cw+9AiPBFkbZRqwdPjhxX2NFEV5R3bG8OVsL0dXA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 19 May 2023 00:14:09 GMT

GET
H2 200 w7NbIa0MDdp.js Show response
static.xx.fbcdn.net/rsrc.php/v3ii-j4/y_/l/de_DE/ Frame FEA9 203 KB
53 KB 191ms
116ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ii-j4/y_/l/de_DE/w7NbIa0MDdp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f7549476e90a5b9cd90165c1eb5a4e41d3d0f2d45512fe1af1209de9b281ec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nJp0PVxPop8YhFyK8mTVXQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 54204
x-fb-rlafr: 0
x-fb-debug: UpZsdAGZ5Sk2VTCvftXQ2wd2l2fuLSZGymvXFUkD/N+8BlEsjUQgO//PyP7BZxUO0iyndWTDFzGK8hEobLWOTg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 19 May 2023 12:11:35 GMT

GET
H2 200 jF8emf1aqCz.js Show response
static.xx.fbcdn.net/rsrc.php/v3iVab4/ye/l/de_DE/ Frame FEA9 111 KB
29 KB 192ms
116ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iVab4/ye/l/de_DE/jF8emf1aqCz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7f75feb11e081657af9a3fb839273904e3b0b898fe6668cfa3a38ab3598325

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Idv14RRnX95UPkhgLJYpFQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 29138
x-fb-rlafr: 0
x-fb-debug: FcvZzoHGuMASzPAEandLQBk5DR6cZ4tfyRkm6GJjOBUCFxWER5qL5PROmVl010dAIdsmhr/kgwFWr4pKM42jCA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 06 May 2023 19:54:23 GMT

GET
H2 200 S0QiMhlWxzv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame FEA9 208 KB
47 KB 190ms
115ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/S0QiMhlWxzv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7a3fad5ac95d03b883f6b6a128ac8a745aa06df4fe6d9b807513bd1f417bf701

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: b75UDe52+nKnsu8Vrds6kQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 47561
x-fb-rlafr: 0
x-fb-debug: RHvIs7fX+RUe/SLhUwtjno2O+aDcwYmIvxRhZjy7Ar07HX3CVnUYNl/O8nbcDytr2MFBBG9plHd0YWns5EmMrQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 19 May 2023 21:23:38 GMT

GET
H2 200 9WKoE2Sii2E.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame FEA9 35 KB
11 KB 190ms
115ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/9WKoE2Sii2E.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

139b3307b84002a4c0f514d9899c8cbabf4f08a601e5e4d7d2897ee47bd77069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: k+sW/JJ5r235Gx1r5aIE6g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10984
x-fb-rlafr: 0
x-fb-debug: UvVs2AYV3WM8nvxRwz5ZhHH32wq/RVvmKq5rU6QvgpNfM7Hti6fKGgbJis9xSh9LbQqdg8lH1HszlgmvmxvMtQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 19 May 2023 16:19:00 GMT

GET
H2 200 241707223_3077901182438161_5577928450640881178_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame FEA9 15 KB
15 KB 39ms
38ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/241707223_3077901182438161_5577928450640881178_n.jpg?stp=dst-jpg_p130x130&_nc_cat=106&ccb=1-7&_nc_sid=dd9801&_nc_ohc=OrdiZo2axYwAX-AKWbR&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AT91Hoy97lxOSnT7NbzW6w60qL7XKp1sQqzlk3AnN-hwhQ&oe=628B99F2
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZvezdeGrandaPrva&tabs=timeline&width=300&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=534904083375143
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: de3f9fc9600a3419a5ccd86586f16b00b0295325cdde3b6d7f7d0cd7dceb1045

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-haystack-needlechecksum: 2928724623
date: Fri, 20 May 2022 10:12:30 GMT
x-fb-trip-id: 686109401
last-modified: Fri, 10 Sep 2021 11:05:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3864298813
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2689668541
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 15391

GET
H2 200 12065591_1700630826831877_5117580020329462962_n.png
scontent.xx.fbcdn.net/v/t1.18169-1/ Frame FEA9 5 KB
5 KB 43ms
42ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.18169-1/12065591_1700630826831877_5117580020329462962_n.png?stp=cp0_dst-png_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=0dhBtAybztkAX9n8obL&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AT-cnPcKPLLlmXgHtMUBt0Vmc40OFfGtM7Y8Bgyon_a95A&oe=62ACFEE6
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZvezdeGrandaPrva&tabs=timeline&width=300&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=534904083375143
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 24c02c018b5277d535e01b7d01d85441722bf229c8fc8121caa945ad48fafedf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-haystack-needlechecksum: 3134017754
date: Fri, 20 May 2022 10:12:30 GMT
x-fb-trip-id: 686109401
last-modified: Fri, 25 Sep 2015 16:31:28 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=499142187
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4004042806
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5385

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ Frame EDBA 3 KB
3 KB 159ms
37ms XHR
text/html 2600:9000:21f3:de00:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:de00:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
server: AmazonS3
age: 14369
etag: "4a6c546fe449447f2a620613c0655458"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
date: Fri, 20 May 2022 06:13:02 GMT
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 3121
x-amz-cf-id: 5IXOs2hLfRlGzC29PQ1D6Rka5YLqXYAp23N8NLPGFVvwdVs4_zJvzw==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame EDBA 2 KB
2 KB 128ms
50ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220520

Requested by

Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f115a504013c59df16663d2dd7070caad69c12abafbeb5a666e29406bfaebd71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 25889
x-jsd-version: 1.0.1346
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19162-FRA, cache-cdg20727-CDG
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"663-GFiQzUF1O+UrgQ4wDvlwoMXLMr8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEWZ%2BYtBLwTN4ZcToNidyRH7CeoANzlr28TIV3On5L8zXVztofuWSydT9XnrgG%2FF%2B%2F%2BdwRqbmuYiO21By1iknjW99RYC1Nfq0NOUMQXxc%2Fvg87px7yvUSfzcRLkf05XN1KjQQHsqZGAh7Ys45oM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 70e44b5b3c369bda-FRA
access-control-expose-headers: *

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/ce086b75-7730-41be-8fb7-52d3f2f48f60/ Frame EDBA 169 KB
53 KB 138ms
42ms Script
text/javascript 2600:9000:206f:6200:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/ce086b75-7730-41be-8fb7-52d3f2f48f60/grumi.js
Requested by: Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3160190633620fd3f9a6ba11310882766c9a3d91b92082661cd95aceabf76a5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:33:15 GMT
content-encoding: br
last-modified: Fri, 20 May 2022 09:26:42 GMT
server: AmazonS3
age: 2356
etag: W/"6bc3c8a3210a79fcb365c0f64015696c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Hlzm1kkgv98zI9MqJNTl3byHiPkUoUGV
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop: FRA56-C1
content-type: text/javascript
x-amz-cf-id: 8dQRoQXWiZj9-r_jsmf6Fr69_sqp4TfZr218TDYqmG_eBfe6kcot6Q==

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3D95 41 KB
15 KB 118ms
42ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167038
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 487B 41 KB
15 KB 104ms
37ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167038
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2315661356193284096/ Frame 834B 261 KB
31 KB 113ms
38ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2315661356193284096/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b6c5c61d31d9a294660a1999928903900aadb1eda143065f81b59e3c4770cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 308656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 31830
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 20:28:14 GMT
expires: Tue, 16 May 2023 20:28:14 GMT
last-modified: Thu, 20 Jan 2022 15:37:35 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 487B 0
622 B 187ms
87ms Ping
image/gif 142.251.36.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5ZSMya0Bu4A37eZxcm6EuUlmb95VlagZAShJNPr9SGJ-i9ahZXlKiuwfaDApkzCOxEeCMuWUs5UpsyvDNcHOn7Fs18Dp-C0gSa6h4L4HcZvIMHPA3dPlT9Onygb_1Noil7JQzZZ7KTAKAF_lA9amPfEOqT4lT2wASfroHUmYx7bJe1ZFuqKewTK42jbEGiJ1CtgZTxyL9IE83X7kpQWTgeSVzrdIoG3sK8-Firh9KqdvBMeE8wfodZvPMlI19MB83uxj51T5iKMFt7G-vJAIueN_Zy9dq3eOGersiAPreinkOq_juu3bIwCq58IeIUorYBIYVPuJEvDTFrM2m1aFGtxgEF3ZnlLxM-2D-Hrr4172nKgFdmHOaMQKFnJlZsJSStoCz9hyFy4sXg_3cGcEpIGiJ-jrFf6C4BMpNjvmgZsvdxoGJ9druHFD9bEVptePj8I8-_FKz9J8LoBkJLoCem7ycB6BQh7GoICICjg0cC3--P_oa4ac9_PhpfG4Xtl3NP89_0t3jOoYzIuicbUYX5-whZf-01ySlJb9tRv_CgsawBneM-B1r9lpwccLPWf3csgik_W8kl4aYF9GXjUzx_UiGthBDRq0OQyLv3IdaojNfnNuTSBTzPfEwNYltl1v8zwwGEW-Fs4Qh-qb3vFaA8hIM_eUFKslOl7oQpsOcvq8d9hFvf6f6jKFFQUHEyA_NyEdY9TalwuOoaRksXEwZmf2UQFsUUAeJwmSnmVRyIo6BXfQVhcEs0qDpjQZR-SsZbzRm15dBbDjJg4BENK4VCnnNNkAANqodaNXbvl7cyLMoGJz8lOG90TDm6es5ZKLfcp9qB3TbbQ427ZBCQPAE_UG8ZKtwvMKrTBcRah8ZIDieWfnQ8J8yE3UVrcKc_9f9_wI7-qtBsQ2yaELzJJEWwD6lK6IGu2zu9vLxAdcGoY-dzI2kBFaFFOVe9_vEowJlSK067bMr7eStfMfzss_pbO1cYAHrKR-ki1budKuJjS826pD4KRgpNh8_Q8GCB8uAIofXAvP8bcecpQ3og8-4iT_mL9JJ8UxkYKtrm5a5sAjLk4Tc8Ydv2SZtvokFytJhX3yeNKgst2pvfBIHcPAMv-bBkiLHGwTpNmqxeIEv3v3dlv35Jst1JKkaTSEyhxlhCmC_5xxXlT0rjlgvYYDexxDfPwtPJ0FZgPwefiOGY-g3tw5cFeBTBhq9crY3XRJTKNwM&sai=AMfl-YRvoOIowE6CgEXxFtTJyvpWuuGaqSVkrOGiivHs39Ve3mhmgg_c-mQ1D6UDom6L2_-G5RdpwWRDKtN4aSKMB35prHUdq_oaRvC16nremDnldxZMmYX7JLmRCpThhZ7q8tkqRhOspeBoqYnSUXYU0Dcdw2-lLrOr49BS9L5br993I_3TC9XgXMv1QqG5cpQjh1_12UwmaeTWaBNsNPlwGp9MBYQDk0PT0A&sig=Cg0ArKJSzOk4SXVMCm3hEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=179&cbvp=1&cstd=176&cisv=r20220518.54491&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.36.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 20 May 2022 10:12:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 300x600.html Show response
s0.2mdn.net/sadbundle/14428347934943306018/ Frame CED5 4 KB
2 KB 85ms
47ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14428347934943306018/300x600.html?e=69&leftOffset=0&topOffset=0&c=up833lLZZb&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e8a9e8941b64b40f430f8cb76a29cbe22d95efecedd91489ad1a712f07688f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1680
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:12:30 GMT
expires: Sat, 20 May 2023 10:12:30 GMT
last-modified: Wed, 19 Jan 2022 11:29:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3D95 0
64 B 149ms
89ms Ping
image/gif 142.251.36.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQ5dE0Lt3JAw-Ys2US_HxaE29qRXl4AjnBIW9V8OPP4MBXWj8rI4kdFGyTlaxmr-pG--qF1PL9vCsVNab6n3Pr3jZ6RL8h_RnYUshmdigxhHJk-enpKGZIzBTcrkj07TdWeL6bPL15u-zpmnafRGikYZ2eDamz1CA2hjUMUSxGStqZg58qVbKxKCrIbIJ8uRINoY6LWAZRjRjiS1E3O6mi36EhxWtU-FzCi-XrQGT9GIMRVot9ufLZfQQeBCK3rYllIlvZWdQewftjsPRyjl7NxmNwrvKIIkofq8dqe73Br6U899i-YYQQ0JyLFL2z3_NGMDWYe0igaScgA_K6Ukdca57UN0Re77-JIlcoTE-TgOotT4_nPEkIQDfu83Cf4FsuAyanXQb7TjHli-3ajRQeYnA22WVLjR34NJ1ntNYMGCYBzzUTKXc4__FRJ6im8ztkiLp-WbGE8nmwt9ZNhJdxEP4msfl36azzgwLZnmldBy4tTKyD540oGqoYOHbH3MT6Lej8zreWynf3YCvMdNFn3F3_4GRNNp-X00nGJO5bW8QaHDoqHeLxkw8m7G9n3oXiTC8DhPKeA0wlBr8C4iA80zOFmHe1eZxw8PUidVuc4tMVLGZ8Y2hUHAHZCgSPw40jivk92E8zII_dZB5vimWOiR-_zebtZwjRD92XRUHFUxffEI4D_q8ftwZ9L8bRDs7LcdFmduyaSNiGR6gI0urOJg4MxRvB4R_tFMCGZ5lt6HA_ZoiPAcj7Xrc3IVwupDjOnXrFh0pxqAusUxvyUHUzL3HtRsEAnwnR7H5KE2xnF2fBkULNPNMvX5DTlfHMZ3hhcREGC37_d-GRq2R8-Gjnc7zrun-zUWtQremNHlBInr72wMUSMnTXl8bgtPZRiu9mE5RClS78qhoM1yoaPWpjsrnRAanQ04Po2f_gl5H0YsgTixXGBag8vtJvWKuBdwNq2smN_cIR-2ao4HpQuZ2kJXI96OcFBDuSgb7DaznvH-flUcIfYIXGvGj2GR_lnO4Y1iCeWIch4OuILsacWJv7OUwNSuJqQCBLKP9k1hFqoz-36jysS90qzm0TMdxsZy2XMo3pVM2HRB1zJsNDyOawW6M5F6espa8Frl4eiX4E9W9IOZquIndIKl_B-0CK9WmiLoc784Cx5CWqPMCg2W0lTVcMxx70uA&sai=AMfl-YRSbI4QZeXX6cgx9DDuYE1yuj-zmcACda9NMdDwctAU2RZxcppvCQLVIVuQP7PpxUPB8bGSJ7cK8KsQMvMCAdeSAxpew6Rn-L44G9tQ8lG9Y7yAkQbesXZbXs0T-5AgGyPWMHQxTSCPinyDWgmRteWOW9h3889KTyK1zKY8rqNeAl8tzMDhhyFuZkpBeXD-2syXOKINPhOiubOzQmbRvFIdVSjtzJS5oQ&sig=Cg0ArKJSzHqVhulYkVtzEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=200&cbvp=1&cstd=194&cisv=r20220518.72556&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.36.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 20 May 2022 10:12:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 3DF0 0
177 B 135ms
53ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 20 May 2022 10:12:30 GMT
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 564D 22 KB
8 KB 38ms
37ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 167037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EA32 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 167037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 3C05 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 08:37:21 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5e6nze.c.2mdn.net/videoplayback/id/094d2713b5919804/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684577550/sparams/acao,ctier,expire,hcs,id,ip,ipbits,itag,mh,... Frame 3C05
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/094d2713b5919804/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684577550/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r1---sn-4g5e6nze.c.2mdn.net/videoplayback/id/094d2713b5919804/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684577550/sparams/acao,ctier,expire,hcs,id,ip,ipbits,...

0
0

151ms
39ms

Fetch
video/mp4

2a00:1450:4001:66::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5e6nze.c.2mdn.net/videoplayback/id/094d2713b5919804/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684577550/sparams/acao,ctier,expire,hcs,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,source/signature/823D519CFD6E628E71A7FE6A87B4DEB77E168198.3BF81FBA3C7273040555B5AAA82902AE72931F6F/key/cms1/cms_redirect/yes/hcs/ir/mh/3c/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5e6nze/ms/onc/mt/1653040410/mv/u/mvi/1/pl/52/rmhost/r3---sn-4g5e6nze.c.2mdn.net/file/file.mp4

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

HTTP/1.1

Server

2a00:1450:4001:66::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 10:12:30 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2146621
Last-Modified: Thu, 05 May 2022 14:00:33 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 20 May 2022 10:12:30 GMT

Redirect headers

date: Fri, 20 May 2022 10:12:30 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 701
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r1---sn-4g5e6nze.c.2mdn.net/videoplayback/id/094d2713b5919804/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684577550/sparams/acao,ctier,expire,hcs,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,source/signature/823D519CFD6E628E71A7FE6A87B4DEB77E168198.3BF81FBA3C7273040555B5AAA82902AE72931F6F/key/cms1/cms_redirect/yes/hcs/ir/mh/3c/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5e6nze/ms/onc/mt/1653040410/mv/u/mvi/1/pl/52/rmhost/r3---sn-4g5e6nze.c.2mdn.net/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 3C05 0
17 B 147ms
69ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l3ea9bhj&c=8656233477000&slotId=4328116738500&qqid=CKnF5dLr7fcCFSjruwgdLCEDVw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=660&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.128
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 834B 29 KB
10 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 12:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 May 2022 12:53:13 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame CED5 236 KB
63 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14428347934943306018/300x600.html?e=69&leftOffset=0&topOffset=0&c=up833lLZZb&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14428347934943306018/300x600.html?e=69&leftOffset=0&topOffset=0&c=up833lLZZb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 May 2022 10:12:30 GMT

GET
H3 200 300x600.js Show response
s0.2mdn.net/sadbundle/14428347934943306018/ Frame CED5 48 KB
11 KB 51ms
51ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14428347934943306018/300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14428347934943306018/300x600.html?e=69&leftOffset=0&topOffset=0&c=up833lLZZb&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41c0c864bac84f7b74a8bd2ff917e061920990f979f11ff79685b1c3be9c43eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14428347934943306018/300x600.html?e=69&leftOffset=0&topOffset=0&c=up833lLZZb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 19:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10944
x-xss-protection: 0
last-modified: Wed, 19 Jan 2022 11:29:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 May 2023 19:20:08 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame CED5 118 KB
40 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14428347934943306018/300x600.html?e=69&leftOffset=0&topOffset=0&c=up833lLZZb&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14428347934943306018/300x600.html?e=69&leftOffset=0&topOffset=0&c=up833lLZZb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 10:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86158
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 May 2022 10:16:32 GMT

GET
H3 200 clicktag.js Show response
s0.2mdn.net/sadbundle/14428347934943306018/ Frame CED5 3 KB
1 KB 51ms
50ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14428347934943306018/clicktag.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14428347934943306018/300x600.html?e=69&leftOffset=0&topOffset=0&c=up833lLZZb&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14428347934943306018/300x600.html?e=69&leftOffset=0&topOffset=0&c=up833lLZZb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 19:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 995
x-xss-protection: 0
last-modified: Wed, 19 Jan 2022 11:29:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 May 2023 19:20:08 GMT

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame 564D 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:29:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 09:29:37 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame E7BC 23 KB
9 KB 38ms
37ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 178499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 08:37:31 GMT
expires: Thu, 18 May 2023 08:37:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame EA32 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:29:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 09:29:37 GMT

GET
H3 200 SQZZiMWhOLh.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame FEA9 767 B
822 B 76ms
37ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/SQZZiMWhOLh.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/mDq0f2QLj17.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

818ce38e548c8222a2d3d31e6739658683964f9233ae770d41a918ead12001bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/mDq0f2QLj17.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
x-content-type-options: nosniff
content-md5: 7Ob9foDk+QbAEt4lrnDs0w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 767
x-fb-rlafr: 0
x-fb-debug: Uyi/OoAfxytQ2h89YvtEUinn/2p7Ru3sOAQu4swFIubDljX9SM5NfOXnt5kznhWTe6Lg9P9ptAKivhI/VkLo8A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 13 May 2023 16:23:48 GMT

GET
H3 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame FEA9 88 KB
20 KB 247ms
207ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22534904083375143%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FZvezdeGrandaPrva%22%2C%22width%22%3A300%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Fgrand.online%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5ZKdwnU6K3a1PwBgK7o1yEfo2IzUuw9O0RE5a1qw8W1uwa-7U1bo6iazo11E2ZwiU8U&__csr=&__req=1&__hs=19132.BP%3Aplugin_default_pkg.2.0.0.0.&dpr=1&__ccg=EXCELLENT&__rev=1005554173&__s=%3A%3A8b9osc&__hsi=7099759396298805605&__comet_req=0&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yU/l/de_DE/BtCgZXLQzzQ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f4331717b2c00a9391779a78eeb46fcb600c48f09c67fe095589c75a245d6093

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: GfE7P_HdkJtAS2KywswpqC
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZvezdeGrandaPrva&tabs=timeline&width=300&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=534904083375143
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: YXR98DfqQMNwJ8oaFYHbc2w+K9jhpPxROw+EsKwHh5fkM6wkZ+lpM0TdGAskE4Ffc6ixw6vbFuPnab6BRe3zUA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 20 May 2022 10:12:31 GMT
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame FEA9 971 B
598 B 100ms
61ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yU/l/de_DE/BtCgZXLQzzQ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

30fd45cd263e108ba66882028c972c84a01f71f4719d8322ce9053497ef69d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: GfE7P_HdkJtAS2KywswpqC
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZvezdeGrandaPrva&tabs=timeline&width=300&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=534904083375143
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: q7EIjeNa3RnRzehmZI3SsLkDaEmnjoye3A85ftgkjWWtr/a7WXCjFkLQ3BrjJgZyv8yuza3bK5bRzue2lQ612A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 20 May 2022 10:12:30 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame FEA9 971 B
591 B 95ms
64ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=1712607798967513&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yU/l/de_DE/BtCgZXLQzzQ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0343a7a10df4257f535e4ea0ac18c9d9436eee11e34def6494525640026ff63b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: GfE7P_HdkJtAS2KywswpqC
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZvezdeGrandaPrva&tabs=timeline&width=300&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=534904083375143
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: D9XxsR0iEYVvS9DZXqkkxlcf6+4DUOB0F81YC44Yf4Xe2HW9OuO+vb/ftfUmdj+8G8Nc6vwpE1b3oFm+pK97Rg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 20 May 2022 10:12:30 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 LvxWU8GROx1.png
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame FEA9 28 KB
29 KB 37ms
37ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/LvxWU8GROx1.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/2Wrb3kFIcuy.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

daf10bd3b413af46baf9f5ae42fa60e9d95f04ead18b0bc75f2973395ccd5035

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/2Wrb3kFIcuy.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
x-content-type-options: nosniff
content-md5: ZWDikb3Ir0bcCPo+/+lPHw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 29133
x-fb-rlafr: 0
x-fb-debug: MWHNlq3QtONQMf8Q35VeXT9SQxvguYbk8y5oKjAaQWxpXCuc5wB94dGPj/DKhIxAzEUTbs2M2jpaDnplE0VTdg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=6
expires: Thu, 18 May 2023 15:13:31 GMT

GET
H3 200 onuUJj0tCqE.png
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame FEA9 4 KB
4 KB 37ms
37ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/onuUJj0tCqE.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/mDq0f2QLj17.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/mDq0f2QLj17.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
x-content-type-options: nosniff
content-md5: OK0dmVpVmdoMRpKMP9eDcg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 3944
x-fb-rlafr: 0
x-fb-debug: a9D1+/wggJbC+NuW+dReov/BQSkzkS2ncni69nN/W09G8VdxUAQxHrKv5Ve9IcnQgH8VuapdpmyVcDV/55ChRg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 13 May 2023 16:24:10 GMT

GET
H3 200 y6-VNgSWuOX.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame FEA9 14 KB
4 KB 39ms
38ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/y6-VNgSWuOX.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/1Tnu_xZm4wj.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17e309563041ceea933a5de09dda57eb3f99490aea47f8fedc1ecc70e60e96df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JmIqL0faFYfk1NIp2j42zQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 4240
x-fb-rlafr: 0
x-fb-debug: 8WReVI3/SGuKSEFnna9ILTjG17mNvgHEZix3IEPmangIU44sHXrKVNQdB2RSXxES+oUXmRItpzIQ5zoDGFRezg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 19 May 2023 12:40:33 GMT

GET
H3 200 aYByS5jFXEn.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame FEA9 355 KB
75 KB 40ms
39ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/aYByS5jFXEn.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/1Tnu_xZm4wj.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fab221d7ded012559b6b6da267de375de9caed782e23c92bef7bb8994a68eef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /tk/DweEMFTaBASzKXi+UQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 77105
x-fb-rlafr: 0
x-fb-debug: e/QuCNDRZujtr0My9u1lyTZm4qZ5E9nYSv9J5g5uvjYfoay2ZtV5sU1ZpAKA+iUd6G/Y5d49xUSoRclS/YybGQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 19 May 2023 18:24:10 GMT

GET
H3 200 z9Y8R-PASwC.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ Frame FEA9 51 KB
12 KB 40ms
40ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/z9Y8R-PASwC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/1Tnu_xZm4wj.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a557971a177c79e7b3cf729b2f4e0d6bad458170a3851850ecbcd0c7cc5b6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uC1y5kEcymYF3GmX+8zZtg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12731
x-fb-rlafr: 0
x-fb-debug: xt4Mmliqptub5GZZMlBfbWk9Z6gUTLeD+8sa1b5traT8Hf1mEb9+FiJIYMJdLKJpyitF7Lgbxhq1WfMIvJhsfg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 13 May 2023 17:45:37 GMT

GET
H3 200 VolvoNovum-Medium.woff2
s0.2mdn.net/sadbundle/2315661356193284096/ Frame 834B 38 KB
38 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2315661356193284096/VolvoNovum-Medium.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 13:54:22 GMT
x-content-type-options: nosniff
age: 591488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39068
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 May 2023 13:54:22 GMT

GET
H3 200 VolvoNovum-Regular.woff2
s0.2mdn.net/sadbundle/2315661356193284096/ Frame 834B 38 KB
38 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2315661356193284096/VolvoNovum-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e5f1317cc82513c64ed99253fb671fcc6d6b8c5078776a38d7f89da22e75d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 12:22:40 GMT
x-content-type-options: nosniff
age: 424190
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39156
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 May 2023 12:22:40 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3D95 0
26 B 177ms
80ms Ping
image/gif 142.251.36.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQ5dE0Lt3JAw-Ys2US_HxaE29qRXl4AjnBIW9V8OPP4MBXWj8rI4kdFGyTlaxmr-pG--qF1PL9vCsVNab6n3Pr3jZ6RL8h_RnYUshmdigxhHJk-enpKGZIzBTcrkj07TdWeL6bPL15u-zpmnafRGikYZ2eDamz1CA2hjUMUSxGStqZg58qVbKxKCrIbIJ8uRINoY6LWAZRjRjiS1E3O6mi36EhxWtU-FzCi-XrQGT9GIMRVot9ufLZfQQeBCK3rYllIlvZWdQewftjsPRyjl7NxmNwrvKIIkofq8dqe73Br6U899i-YYQQ0JyLFL2z3_NGMDWYe0igaScgA_K6Ukdca57UN0Re77-JIlcoTE-TgOotT4_nPEkIQDfu83Cf4FsuAyanXQb7TjHli-3ajRQeYnA22WVLjR34NJ1ntNYMGCYBzzUTKXc4__FRJ6im8ztkiLp-WbGE8nmwt9ZNhJdxEP4msfl36azzgwLZnmldBy4tTKyD540oGqoYOHbH3MT6Lej8zreWynf3YCvMdNFn3F3_4GRNNp-X00nGJO5bW8QaHDoqHeLxkw8m7G9n3oXiTC8DhPKeA0wlBr8C4iA80zOFmHe1eZxw8PUidVuc4tMVLGZ8Y2hUHAHZCgSPw40jivk92E8zII_dZB5vimWOiR-_zebtZwjRD92XRUHFUxffEI4D_q8ftwZ9L8bRDs7LcdFmduyaSNiGR6gI0urOJg4MxRvB4R_tFMCGZ5lt6HA_ZoiPAcj7Xrc3IVwupDjOnXrFh0pxqAusUxvyUHUzL3HtRsEAnwnR7H5KE2xnF2fBkULNPNMvX5DTlfHMZ3hhcREGC37_d-GRq2R8-Gjnc7zrun-zUWtQremNHlBInr72wMUSMnTXl8bgtPZRiu9mE5RClS78qhoM1yoaPWpjsrnRAanQ04Po2f_gl5H0YsgTixXGBag8vtJvWKuBdwNq2smN_cIR-2ao4HpQuZ2kJXI96OcFBDuSgb7DaznvH-flUcIfYIXGvGj2GR_lnO4Y1iCeWIch4OuILsacWJv7OUwNSuJqQCBLKP9k1hFqoz-36jysS90qzm0TMdxsZy2XMo3pVM2HRB1zJsNDyOawW6M5F6espa8Frl4eiX4E9W9IOZquIndIKl_B-0CK9WmiLoc784Cx5CWqPMCg2W0lTVcMxx70uA&sai=AMfl-YRSbI4QZeXX6cgx9DDuYE1yuj-zmcACda9NMdDwctAU2RZxcppvCQLVIVuQP7PpxUPB8bGSJ7cK8KsQMvMCAdeSAxpew6Rn-L44G9tQ8lG9Y7yAkQbesXZbXs0T-5AgGyPWMHQxTSCPinyDWgmRteWOW9h3889KTyK1zKY8rqNeAl8tzMDhhyFuZkpBeXD-2syXOKINPhOiubOzQmbRvFIdVSjtzJS5oQ&sig=Cg0ArKJSzHqVhulYkVtzEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=523&vt=11&dtpt=323&dett=3&cstd=194&cisv=r20220518.72556&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:12:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 487B 0
26 B 157ms
80ms Ping
image/gif 142.251.36.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5ZSMya0Bu4A37eZxcm6EuUlmb95VlagZAShJNPr9SGJ-i9ahZXlKiuwfaDApkzCOxEeCMuWUs5UpsyvDNcHOn7Fs18Dp-C0gSa6h4L4HcZvIMHPA3dPlT9Onygb_1Noil7JQzZZ7KTAKAF_lA9amPfEOqT4lT2wASfroHUmYx7bJe1ZFuqKewTK42jbEGiJ1CtgZTxyL9IE83X7kpQWTgeSVzrdIoG3sK8-Firh9KqdvBMeE8wfodZvPMlI19MB83uxj51T5iKMFt7G-vJAIueN_Zy9dq3eOGersiAPreinkOq_juu3bIwCq58IeIUorYBIYVPuJEvDTFrM2m1aFGtxgEF3ZnlLxM-2D-Hrr4172nKgFdmHOaMQKFnJlZsJSStoCz9hyFy4sXg_3cGcEpIGiJ-jrFf6C4BMpNjvmgZsvdxoGJ9druHFD9bEVptePj8I8-_FKz9J8LoBkJLoCem7ycB6BQh7GoICICjg0cC3--P_oa4ac9_PhpfG4Xtl3NP89_0t3jOoYzIuicbUYX5-whZf-01ySlJb9tRv_CgsawBneM-B1r9lpwccLPWf3csgik_W8kl4aYF9GXjUzx_UiGthBDRq0OQyLv3IdaojNfnNuTSBTzPfEwNYltl1v8zwwGEW-Fs4Qh-qb3vFaA8hIM_eUFKslOl7oQpsOcvq8d9hFvf6f6jKFFQUHEyA_NyEdY9TalwuOoaRksXEwZmf2UQFsUUAeJwmSnmVRyIo6BXfQVhcEs0qDpjQZR-SsZbzRm15dBbDjJg4BENK4VCnnNNkAANqodaNXbvl7cyLMoGJz8lOG90TDm6es5ZKLfcp9qB3TbbQ427ZBCQPAE_UG8ZKtwvMKrTBcRah8ZIDieWfnQ8J8yE3UVrcKc_9f9_wI7-qtBsQ2yaELzJJEWwD6lK6IGu2zu9vLxAdcGoY-dzI2kBFaFFOVe9_vEowJlSK067bMr7eStfMfzss_pbO1cYAHrKR-ki1budKuJjS826pD4KRgpNh8_Q8GCB8uAIofXAvP8bcecpQ3og8-4iT_mL9JJ8UxkYKtrm5a5sAjLk4Tc8Ydv2SZtvokFytJhX3yeNKgst2pvfBIHcPAMv-bBkiLHGwTpNmqxeIEv3v3dlv35Jst1JKkaTSEyhxlhCmC_5xxXlT0rjlgvYYDexxDfPwtPJ0FZgPwefiOGY-g3tw5cFeBTBhq9crY3XRJTKNwM&sai=AMfl-YRvoOIowE6CgEXxFtTJyvpWuuGaqSVkrOGiivHs39Ve3mhmgg_c-mQ1D6UDom6L2_-G5RdpwWRDKtN4aSKMB35prHUdq_oaRvC16nremDnldxZMmYX7JLmRCpThhZ7q8tkqRhOspeBoqYnSUXYU0Dcdw2-lLrOr49BS9L5br993I_3TC9XgXMv1QqG5cpQjh1_12UwmaeTWaBNsNPlwGp9MBYQDk0PT0A&sig=Cg0ArKJSzOk4SXVMCm3hEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=562&vt=11&dtpt=383&dett=3&cstd=176&cisv=r20220518.54491&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:12:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame FEA9 279 B
243 B 38ms
38ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/1Tnu_xZm4wj.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QusOzUJEj2HVYgmawONobw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 189
x-fb-rlafr: 0
x-fb-debug: IwLPZ2i9bcNpRWsv9MOvPfhNSR6UOG/QKmICtiF7AXqJGziPsNcXlVXkmKdMs3iJzh1D1FWhpOwtNXZfeC9u7w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 06 May 2023 19:51:11 GMT

GET
H3 200 Volvo_Black.png
s0.2mdn.net/sadbundle/2315661356193284096/ Frame 834B 5 KB
5 KB 38ms
37ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2315661356193284096/Volvo_Black.png

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 13:54:22 GMT
x-content-type-options: nosniff
age: 591488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4824
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 May 2023 13:54:22 GMT

GET
H3 200 Flash.png
s0.2mdn.net/sadbundle/2315661356193284096/ Frame 834B 3 KB
3 KB 43ms
42ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2315661356193284096/Flash.png

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baea5caffda9109fe3fe251376d60a25ea43c846fa7bb8dc4b15da44a78c6760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:36:18 GMT
x-content-type-options: nosniff
age: 174972
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3431
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 May 2023 09:36:18 GMT

GET
H3 200 Floor_extend2.png
s0.2mdn.net/sadbundle/2315661356193284096/ Frame 834B 56 KB
56 KB 38ms
38ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2315661356193284096/Floor_extend2.png

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f93264606087b4c1dd4e0bb8bf2ed92549c53fe8b5f095d214c4e72a765f5482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 13:54:22 GMT
x-content-type-options: nosniff
age: 591488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57259
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 May 2023 13:54:22 GMT

GET
H3 200 Spritesheet_XC40_MY23_4.jpg
s0.2mdn.net/sadbundle/2315661356193284096/ Frame 834B 783 KB
783 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2315661356193284096/Spritesheet_XC40_MY23_4.jpg

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a082bfd96630ab857ec08e4e0055175aae987aea275d450f048ec3fee5de5383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2315661356193284096/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 13:54:22 GMT
x-content-type-options: nosniff
age: 591488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 801309
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:37:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 May 2023 13:54:22 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame E7BC 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 18:41:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 142262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 18:41:28 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CED5 7 KB
5 KB 124ms
48ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c2dbd98ea9364910d04630ac9c68e3639ce0601fbe7a0edc53f67a88ad40f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5503
x-xss-protection: 0

GET
H3 200 bg_img.jpg
s0.2mdn.net/sadbundle/14428347934943306018/ Frame CED5 72 KB
72 KB 53ms
53ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14428347934943306018/bg_img.jpg?1642577882361

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6273bbe2d073be457be08c9f3587fe63cff2293e814a2496bc874052777495e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14428347934943306018/300x600.html?e=69&leftOffset=0&topOffset=0&c=up833lLZZb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 19:20:08 GMT
x-content-type-options: nosniff
age: 139943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73816
x-xss-protection: 0
last-modified: Wed, 19 Jan 2022 11:29:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 May 2023 19:20:08 GMT

GET
H3 206 file.mp4
r1---sn-4g5e6nze.c.2mdn.net/videoplayback/id/094d2713b5919804/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1684577550/sparams/acao,ctier,expire,hcs,id,ip,ipbits,itag,mh,... Frame 3C05 2 MB
2 MB 79ms
40ms Media
video/mp4 2a00:1450:4001:66::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:66::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a7db7607822081e6516b09d1ec4acece3f12d70b1ce669662d75294b4c7ff353

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 20 May 2022 10:12:31 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2146620/2146621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2146621
expires: Fri, 20 May 2022 10:12:31 GMT
last-modified: Thu, 05 May 2022 14:00:33 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
client-protocol: quic

POST
H3 204 csi
csi.gstatic.com/ Frame 3C05 0
17 B 71ms
70ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~l3ea9bnp&c=8656233477000&slotId=4328116738500&qqid=CKnF5dLr7fcCFSjruwgdLCEDVw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=660&mt=video%2Fmp4&vs=854x480&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F094d2713b5919804%252Fitag%252F59%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1684577550%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252FA958222C8443622D5578AE7D66AB17F411692FAC.7CD848AA94F251298924FB96E624CD0A851BDFA9%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.facebook.com/login/ Frame FEA9 0
0

GET
H3 200 /
www.facebook.com/login/ Frame FEA9 0
0 218ms
217ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FZvezdeGrandaPrva%26tabs%3Dtimeline%26width%3D300%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dfalse%26appId%3D534904083375143

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/1Tnu_xZm4wj.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZvezdeGrandaPrva&tabs=timeline&width=300&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=534904083375143
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 20 May 2022 10:12:31 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 3oFOHd8Wa/cZaQotqrnAeUhAJjNJurB+GlIz8FODgj4xMDMYt923eHpiTcgLmzJNSO8kAn15GHlHJuKIGabCaA==
x-fb-rlafr: 0
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 PJ5TlL3Rf-e.css
static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/ Frame FEA9 25 KB
6 KB 61ms
60ms Stylesheet
text/css 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/PJ5TlL3Rf-e.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/1Tnu_xZm4wj.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

80eb5d1b96046c4c88351201596ea3be013f52e6f3850a32a4e350387af3d8be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FSX0ozsRSDl7k4pX7Fa6VQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5766
x-fb-rlafr: 0
x-fb-debug: Fi2dsalNYqydSTaEYnPKQSZ0eZ+wNFAIeTw/0B+I0x30fSt66/+zu5RC9nRcj7gQAIWJygqhnryNvKfNGI+NgA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 17 May 2023 15:10:22 GMT

GET
DATA 200
OK truncated
/ Frame FEA9 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 HvtzL7rXghI.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame FEA9 62 KB
16 KB 61ms
60ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/HvtzL7rXghI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/1Tnu_xZm4wj.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c92b02dc02a3c8f09d3b45983b439125c22d98c2d867a5564f0e4766cb466db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VYpbfvtYKSZYlU9aBzjGfA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 16490
x-fb-rlafr: 0
x-fb-debug: 1bUvDECrOqg6ZnpeGEyDFR5nLo/LTavv1xqayE5UGy1Zf+Y9XUZk/gJrEbqqu9k+RYpzsNBl8GungrM6kKJdDQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 19 May 2023 12:39:43 GMT

GET 8YnRghvnApx.js
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame FEA9 0
0

GET T76C0_1yFNq.js
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame FEA9 0
0

GET nGwZIX76ikc.js
static.xx.fbcdn.net/rsrc.php/v3iUY_4/yW/l/de_DE/ Frame FEA9 0
0

GET MDNj1eUK5bV.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame FEA9 0
0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CED5 17 KB
6 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 10:12:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA32 0
20 B 96ms
96ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzYBHjmmHYrSyEcutlQeQkoLADQAAAAA4AeAEAg&bg=!b2ylbCjNAAZ4vKt9WLw7ACkAdvg8WgCGq7o5JY2kEef1fi5aTJq8sKm6k-uQZxef953HMOqjoxWaRwIAAADFUgAAAAFoAQeZAvX3ONtadnrdZZioGkdAo0sZdJEyH4oMZpEtipmk_a25iJFpiwGtar3jKMl6vpCy5gBmuIJyF9EMT-Rq6n0JzM1fqOKvldob9eqe8USV79SILv0hIRLKIpF2DPB0d9EViBsX41NSrG2u03D1gBeNeHVDB_yEhxvTF2-4PoWKLYE4TvzJb6oZiwwe5ZZ6CYNDrF_B0UDwYVeHSzw4mLmfwGCZ1nvVKJi8HngvtZt6xEhL4qmfWi_FQsk-18cRtunLxpbomSt-7R4tCenBfoNWZJfwKab0hA3kTklmjlT279aLlSPEZFRZw4_IKiVpuTdjcFACQ3_MbkWL_aQXS5Qy9JCipmmqs5pixNbUPYB5jd9EnNElK5JbH4MyZiXcBp_ye1n_qZHs02k_v544In3NbE-BJpV1J_j9igkiepkgie80QgqsxqZjgTIhUntW5JhZUnkdldf9q8Lt1TtgQbKDT5FDXJJJq3BVNmWfoMe6yPbQcKi8HSAoPF3nYcSk4ck7ImxzAFIxbfmVenXPklh8l-sXPttwDpcazOs5RFW9aB71d-4pNBUGuKB4uL7w1Eqs6B6yYAv2zAkTWx856SbvIJoZL6W69dFZtL5BZriejLPhceuJXRuBaT6wHD92KrkvwCewebLKcS7yM_cKlFbI1LUOD9KqIys5t5pnLJvWerNJik3d8LHVlmCSgQFN84gS9s_6Iqs_ayiXkD8e5mZ-311nJWWXFgmBQamDrQBZK-flXGlnbH7HbsYENasZV3YbtMF65Ey7ZZIXAoL1wF3TZXf109qgNnou_uigsLYCdv_JNhBGQMtDKvRze0EOh1ySFYp1fkxOVSL8DRNX1dy6DqSnv7N1wUPVJkeXO-L9zuEE9JDXbq9A-uvhdqNkskHV-EzHxTcxr2qsyrFmNT7pwNFPVPWDq5SXK7X0u9AvfEKT7bd8Hy8ybf1M04ky8Vwm5_fyKrX4Or4DRh6wcsq31VmB42zblY7CmqMVZUySd_R7csqIoKFW

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 564D 0
20 B 83ms
83ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1_PajmmHYu6vEZ3U7_UPqqSZCAAAAAA4AeAEAg&bg=!zc6lzorNAAZ4vKt9WLw7ACkAdvg8WoqUcvd5mtVi1_yUuR-x1Vmn7iKfmAjnEGzMkvTzXgHIYNrpcwIAAAECUgAAAAZoAQcKAHKvkBtj8RMBNVKYjY0jmx-X8O-1v49uVpuUh2aZNb6h6c0S5Nr0il156QM5sp0v4mETumpx7r_cBFGtESMVVS6_SDctw6Em7NalnODhbgyOZA0TQ1cEtPQRSdS1EFjhC5Re4EuWJzRteZpaZ2lmWHihb2CZAuEIPFZz9NcOQMs2YjwqPlx4Bpcrybcc-97e4lRcJe9hSGJL8JllTcNWH61jO_6yYiWpHRCQYRIlcpLcrAigJqWhZCPfzs2vfywtxM0c6QGHHDJxdG-n8MIW2DQsi0y96cT6Ynj5HCoheSlAbJ9gqsRsp4j5QafnI44TIdU7uXIT252XH1WoPEwnrhNXeddEgkIi8_EaEBtrXLYJikgZA7dMllxZLMDhHYzIHWIz1Wbk93BHj7UAUnuqFGA6UPhA_v4cB4OvplPzyty1x0OW5_Ogplfm7PutrHM_Zobw-z9uYFE81w33T75v8T5_LTZA3oRKpo4wl8qyYgEtSfedHZSlrszMXnUIFCIyZl9kIoof-NniL2umVho3TaYve2oreLQTd5Vu06fSaj8dLwZF9fdOGfhH0zhT9pWfjZ2y4bRa7tl9WMF4LaRm5x99oTbtp3qXEthb333c65uGpc853c8ReSR4gdpwMgxz1RdiVmahQ2GRZU71XYF-VC_aOfIXlWPz3clWtLG1StZONnlCvmNSrsDvzl0ZrEiYDdqAK-cqZ7qskwDYGoiy8y3B1psEx1LSPnqPMk2as5qirC06eExhRyKMc04XKYK_Q2KhPdhDtBNyVBlkoGp4QIOx_6ayns8eXu2nHzM-Oqp1fLJ-ValMPgqoi2tf5KEuF4Z1xxOfFrD106m8XhA8KoZhszJOFP1YILNOoPi3GaGuq23X2xYSZOZadjuo1slV5kCD_VdLdts41IZ5XpvQZNqECd8wMqV3k_9h2qV7wCRemeZYd-87yDET024pWLtyLxo5Xeyut1PjI8RMzrYdQIsWzvdVvhLPyN-6fAEd8DFlkSEPUG-B_qGDTOBeCVI1WD6Tf6H_kYfQXBsx6IG6jLMsf2SELQcQK7nyIHYcxvte8lEUqT0MXUx_fTY-BBbmeTY9qPXGuYvaGrtnFYeo3T1Q50g7I-KpzXTbBugrbF0f3WzOqXplFA

Requested by

Host: f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
URL: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7BC 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B_qZ6jmmHYtygJIW73wPK8reoAwAAAAA4AeAEAg&bg=!CAulC0_NAAZ4vKt9WLw7ACkAdvg8WoEjhHQ63wRaqigWUsHd5TOw1xymiF5gav7MkvXWYXS78-KU8gIAAAD5UgAAAAJoAQeZAuTmdklz4Izros5hrz_EL1Eh8_YTjf_RkDZq75mlmFShp47e2mZnB3-u7G5nziU5TQhCwpcXwRo41tISliqr-lEvZ6nryCyqEePqVyjM6jwnfcgDEuq7aYprNKVD6HY50LCWiNIC5RDqT17mCVmKWpD4M1MguyVklvGT_5h0PV8eIspjbQIReM1bUsTUU6rP4CVc_UrluwslufSq4AL4lgPGHSGwlIPU_iEq4aYbzUNtV7bo3eYLZicbGvNxcUjNVB8sE4CBxrAizTsRt1UOfQxcoJxNunXGnXkKUCBhcAtVDYxBufriXXC0Dr6yBDc5nfVVn_CeDERns3KEN3P85ft1i1pVKhR8bLRa0stWdDvDdBf89s_CnBtylPcWPIWK_OY6huBW1Rm77Vms00nB95kZyv1cM30cYqBAUvrt6RhUWvqgIBnxz0ZN3QAPUAGhmOdr7URK67AfeQ2PF_uO4kYbFOb972bpyRy7hZw4EtgZf2NeBH-ua9KEOODeMwaYYEUr_XjoffZkRmK07Cu_RfnQHk3D-Kzkl5sVDUOfH6WZLbOGHjx-UXmPDfdieVgij5-qQMVQjZ6alNWVImp8KVmYi-0kp0EGCDxULVlGajGYgsJxksWv1m5a3bovKhlMbe37ggxeXmu3HloPnzRfJJdFJd2pUnrT9X3eX2iMg8oP1bOrUfzBIJ2WqxW1za_RgnmvuXNRNXKS7rn5SfQWtJcBEmqkPhvT-6Gt3X2z38_ZCJfGX-oF3SCEBoV1if8GMo6r5cK35Nk7vlo0Gn8nysPWptfJ7FOrd7TFMP1q0h3xPVjCqHvaqkTgYVCO4zH-8ZQI31CCjEMqE-GzPpfph9409tSb2F8XIoAZ5__HWpkNJZ0s_eXv1bk6MkDGqNO0TsZW5aRS6FPos7AGF-BA2Nr4TbLjCjLm5cbAcCij6AMazkVVA8HXXi6fnXyYFxYQHsyQoVlFE7OMkXmZDix6Mj4szFukxA

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 3C05 0
17 B 70ms
70ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~l3ea9bxk&c=8656233477000&slotId=4328116738500&qqid=CKnF5dLr7fcCFSjruwgdLCEDVw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=660&mt=video%2Fmp4&vs=854x480&event_name=first_play&asset_bytes=227647&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=12&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame E6F3 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:29:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 09:29:37 GMT

GET
H2 200 dc_oe=ChMI3J-w0-vt9wIVhd13Ch1K-Q01EAAYACCU4dlROhoIm9qCkAEQjPLAr_oDGPX44t8DINeKiIO7EEITCKnF5dLr7fcCFSjruwgdLCEDVw;dc_rmcid=CAASKORoiMbfnM7_5ROcqh6X7J5ZPlKBf0LfoQf4dEgWAqHBbn8EuujLzco;eps=CIjhgBAQARg...
ade.googlesyndication.com/ddm/activity/ Frame 3C05 42 B
107 B 185ms
74ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3J-w0-vt9wIVhd13Ch1K-Q01EAAYACCU4dlROhoIm9qCkAEQjPLAr_oDGPX44t8DINeKiIO7EEITCKnF5dLr7fcCFSjruwgdLCEDVw;dc_rmcid=CAASKORoiMbfnM7_5ROcqh6X7J5ZPlKBf0LfoQf4dEgWAqHBbn8EuujLzco;eps=CIjhgBAQARgd;met=1;acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20053%26vmtime%3D18%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D879965996%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1653041551820;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3C05 42 B
64 B 126ms
50ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ceq82jWmHYunKFqjW7_UPrMKMuAWz4_uNateKiIO7EOSCu_uaAhABINnpz3tglYKAgJgHoAGX_pvwAsgBBakCV9Qjr1W9sT6oAwHIA5sEqgSiAk_Qk8TIAQ2UZ1n7gEJEVOHvqczYfEF7WdQxaAK6TW7Mo6rlh9BSGBnOtsYtMSFHVHmza_zbKlF6SRzRPhyVcvKPKRKtFy9Bo5c87vgzAmS739xQettFdMnmzof9ENutMs9RB3mMnVYYzfZFnPilPlo1Jsw8S7W4m3O3JtWcnVvFZQz4d8Z_gu9juKlMLY9c0rsoqFB1tAeooais6jdtPbi4o6QX0F3f-z76Rqiw6ouy5_s1PVHFL_ZOFkV0jDsDrIDFrZCHGULr3UXTsQTV6ApsCpfHKS9Dy5K-1llot33m1ON8H1H9H9223DCeke6JWU2q2H4HlT9ifGgtK8-AcudfkcaukI98Ga_7DFLnO-BQUxrgTMKsY0v5vbAKlNWrqwk_wASM8sCv-gPgBAOQBgGgBnaAB9GB5I8BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDyAsB4AsBgAwBsBPOtY8PyBP1-OLfA9gTCogUAtgUAdAVAfgWAYAXAQ&sigh=rG_wO3de1AM&label=part2viewed&ad_mt=18&acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20053%26vmtime%3D18%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D879965996%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1653041551820

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3C05 0
27 B 88ms
87ms Image
image/gif 142.251.36.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvga8ouIoSGaslDi8laFcli4hJJ_MfBnJiCVQv5XNCePnoj7U0WmlrVZham1w4fDJ3RuktUyDJ2HETf4Jb2cJkJPc6bv-XpN5wZ4GSOjbV5-HllcCDScMtK1N-dAf9Zr79oCbC8cOBYgIV_HzNwXirAHf78AGwzMXjDRf1Mrpz850BmdyNnrBUMZAEBPXTLKzpz7S7eqW1zAfaECsWVgWNTaAEo3tm2r-m5xiYoGbHiPPbCiCRHReOjyyB_oDhyam2-KvKBpu9vliyXbsRZw3k2c038prWo57sigmuyeAdwzJgch2Zha1l_zfBMvJEIcV4fSSQayIcsRm0fatz8kCRvJJwUVNPGRZ4v1FKaE5iD-M_VyNHrgJ5ncl-RzAl1WdUmjPgGezBLlhuYTjokjQIAQWy0qLwGG0QV5_ayXyoNeAzVDYP2jDyAG4tNO7xxjXPM3LWxFviNLmR_mtAqx8j2WntYA3EldJxRCNIEKuxuzn88MPIGCholnRGqkokPAg1z1iTY3ml-vyGNnJ5PASj8STd_5agMIkbmOM97L-0HgxO4WZROuWI5BSCcQ0BB259mp5W1nKAxNqCbPzSklKxi-E_WC626iPvCaaCO25z3Ae23g9ApwroXl8BqhktReetBAPWnnyWEiLkbOPphnZojC3GEIoAgA5fnPtwTG8fH95awv4l8eFQ7WBihBfcnH9aXjNVHI2P9v60NqS-ZvXW_eVILkGO87OiA3jgw4F5jbpZYNdtEx4japXqn4lzHtfFpr2RtDGS7qB9ErVHoj2P4fyyGORPnQAbkI15dt1QVBIpYNuAIejurAFA0pPkTK1AwJ0V17Ydl-I8X5wICdl20aOUDN4T0RjUgVvmJ-ukYZnMKk97PFd9eVs0EX9h20kRQAfKyEH9BBqRyfXQoiF8dtLPwg94XA5o5lMxeVJdsNdUTzUUC3OEjW7edJxz7Zz7e1TQ9YxwrA9z-AqBVGW7OClyyrmiOXoHfbpZI6jbXylgEHsIfTFhvHt_RSMnJbX9AXyh3ZHO7l1nuAP1yacfYkfUfLqnBlcS-5Y6m3czG9HqLY8u91j0e3nOwk-E7_6AOVGMRrrp_s10WAy8Rodl0_Q2Eg0OR34V2ZBlnt2MAMUJHjRs3RkJq7vJpKXT7kWySKR_5G4t0cK9BvbLjWISW1QKLGce6NOy7YQ78vAwmWAmNwYK5LZxFauyKhJm4l_oDowrFG4cdi-uyZKeXIIJbIEHLCF2j6EwHZSfL1-CCf2WGNJ9KMihLwtin7Q&sai=AMfl-YRo9TdXc2xD33YYfR9JB9m5Pz72ejb5LK8X6-G60E-kfQIolUhtxikDhWdTMmi3iwxEVkSrHM8-E5mmFyvIrkJnlyQhFvf_w_7WETIbXgQIQCZqob8zKRDhythPDBL5chHi2DRUadUY9ZpkvqY2mF4lq0jFAUfcsSCn9yCpx_HCWMSugN5MDNDNlrLSD1rMVSKHypXBRnbYeg8AXHJjftyvTC3g_7a3Eg&sig=Cg0ArKJSzO_MuYirwLkvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 20 May 2022 10:12:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 3C05 0
0 125ms
50ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6y0QEQpvfjARi5jtvJASABMAE&v=APEucNXOYgYyElk-ya7p4GQN6elrzeFCZB9vYibXfuh_mi7S4kdKcmzDqUbbr3IZXCPL19PWb-4JVU1ZFych_TjCfW9Vmws2MQ
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C05 0
20 B 71ms
70ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI3J-w0-vt9wIVhd13Ch1K-Q01EAAYACCU4dlROhoIm9qCkAEQjPLAr_oDGPX44t8DINeKiIO7EEITCKnF5dLr7fcCFSjruwgdLCEDVw;dc_rmcid=CAASKORoiMbfnM7_5ROcqh6X7J5ZPlKBf0LfoQf4dEgWAqHBbn8EuujLzco;eps=CIjhgBAQARg...
ade.googlesyndication.com/ddm/activity/ Frame 3C05 42 B
494 B 183ms
74ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3J-w0-vt9wIVhd13Ch1K-Q01EAAYACCU4dlROhoIm9qCkAEQjPLAr_oDGPX44t8DINeKiIO7EEITCKnF5dLr7fcCFSjruwgdLCEDVw;dc_rmcid=CAASKORoiMbfnM7_5ROcqh6X7J5ZPlKBf0LfoQf4dEgWAqHBbn8EuujLzco;eps=CIjhgBAQARgd;met=1;acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20053%26vmtime%3D18%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D879965996%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1653041551820;ecn1=1;etm1=0;eid1=200101;

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3C05 42 B
64 B 73ms
72ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxDh2FFNiEVrIjBIjHMGHTsfaoaaXhvfosowKUbl6rQ4hskj7zQNQksPSjQQqcbQRz49xUkAJnQJ89T4iAygn5MT6O_yuBJih3UdfobXT_SsX9TrUb832BTPoV&sai=AMfl-YTpM32wo7VMki985drpQVOmeeSYo0mAD-upPZVgsO4bcaT_qZqXdayVSGwFsA-jkAqxldzd910dfo4DxhQo4f2VcBm8KAmUWo6rfDIeizxh9k0zYBbIqReQMiXLgcOr&sig=Cg0ArKJSzI9tFyTAuwC4EAE&cid=CAASKORoiMbfnM7_5ROcqh6X7J5ZPlKBf0LfoQf4dEgWAqHBbn8EuujLzco&id=lidarv&acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20053%26vmtime%3D18%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D879965996%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1653041551820&avm=1

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3C05 42 B
64 B 124ms
49ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ceq82jWmHYunKFqjW7_UPrMKMuAWz4_uNateKiIO7EOSCu_uaAhABINnpz3tglYKAgJgHoAGX_pvwAsgBBakCV9Qjr1W9sT6oAwHIA5sEqgSiAk_Qk8TIAQ2UZ1n7gEJEVOHvqczYfEF7WdQxaAK6TW7Mo6rlh9BSGBnOtsYtMSFHVHmza_zbKlF6SRzRPhyVcvKPKRKtFy9Bo5c87vgzAmS739xQettFdMnmzof9ENutMs9RB3mMnVYYzfZFnPilPlo1Jsw8S7W4m3O3JtWcnVvFZQz4d8Z_gu9juKlMLY9c0rsoqFB1tAeooais6jdtPbi4o6QX0F3f-z76Rqiw6ouy5_s1PVHFL_ZOFkV0jDsDrIDFrZCHGULr3UXTsQTV6ApsCpfHKS9Dy5K-1llot33m1ON8H1H9H9223DCeke6JWU2q2H4HlT9ifGgtK8-AcudfkcaukI98Ga_7DFLnO-BQUxrgTMKsY0v5vbAKlNWrqwk_wASM8sCv-gPgBAOQBgGgBnaAB9GB5I8BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDyAsB4AsBgAwBsBPOtY8PyBP1-OLfA9gTCogUAtgUAdAVAfgWAYAXAQ&sigh=rG_wO3de1AM&label=vast_creativeview&ad_mt=18&acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20053%26vmtime%3D18%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D879965996%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1653041551820

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 3C05 0
17 B 70ms
69ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~l3ea9cej&c=8656233477000&slotId=4328116738500&qqid=CKnF5dLr7fcCFSjruwgdLCEDVw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=660&mt=video%2Fmp4&vs=854x480&dm=20000&met.4=ff.1yq~videopreviewstarted.1yr
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220516_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3D95 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cb148d7f7164f7323e646b00ce126ae27c13f58007831e6a8052e5fdee25dd2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 487B 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbcc13069e2a5eefe95b34c02d300ff545cf10dbb49523a2c712568ccfab0fab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 50ms
50ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce4e941d8bad68278a1d7a85979fbe091201c49329bf35ced3d7bc9f4e035d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 10:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10608
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 10:12:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 69EC 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 09:29:36 GMT
expires: Sat, 20 May 2023 09:29:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 05AE 783 B
534 B 364ms
170ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

193775c469b5382b7ffd0bcf9e87e2408e3eb5a76fa03a257b49875d4bb7287d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-awezWQXMsLkPBOhfNSWhpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-awezWQXMsLkPBOhfNSWhpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 10:12:33 GMT
expires: Fri, 20 May 2022 10:12:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame 69EC 35 KB
13 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:29:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 09:29:37 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 69EC 0
9 B 37ms
36ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bDbBXA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:12:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 05AE 0
0 85ms
85ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051901&jk=3250875346310100&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 89ms
88ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051901&jk=3250875346310100&bg=!8_Cl8LTNAAZ4vKt9WLw7ACkAdvg8Wtj5dVrJp0KeaFgvJroZACgA1VeqKXui9-i5Jui8qldtDmPlyQIAAABWUgAAAAJoAQeZApHF2tqzwEcVi_tuEv7A4NLXo3mKJg9q66U83AP8vaNeGiGT8MIVl7Uc75h2Pk2iYGQYYtgknCo5US2pt93AMxlA6PwFYltfE4qDkMx3TgSwv5zOSQzy06sE9SBuQ5xnvrLth15JCrzgPyM4r1fm68nTjA_-C-DzsJg5zq1qcuevhqPMjvY6hQ2ilf13T-wmwgl6Plg93DwKmboh78CuC9oKrapHwpD9jv1yQ_4rIcmqzI1rofsqANhZunR_8LUyoBZHiIP3I38CbPkwtCWzW50IuP3F83cDFR4vUpkGu1UhOAmNQiSMJyD-tqlr-1agkVtp6Mz44bxshCduk8G_nfm5mmyqCdyLBxliYxhoqQ-sBbXckus-54Jl4e5ROC3mRrHKqHiqzRMkiRDLOZWxJzQpi7TY_1VmvhMwhq2GHNjIBHobL1mU5XD7Rw40Duo9eo2gVWIo4Q8TNNQVEFag6Kd8jWwQqWpSqZQM0bncFkb462wUJmw226fCHVf9APD6ZAYs67oMQuMmjyReNKknnKte4H3D2xhC0EixjKO6-KFkSoQU6YS0jgPEIZMpMvxTEHmdAxpf48LI45_IIraiznWkbNoL34JIPYSagwkXHLR8_YLiQPkkQmvlG6ojKOwC8tDSC-e3gnLatRsVL_S0ue-UHBVEEHIDyf9Y97L0de-k8BT8STZXOFybDU7zxWDaOSTBLaHEJJph1IquxBvJyAFqM_6fxnEaZXaH9q9H4eRBGvu14v8fOwPB0j3EonVhnu68mMRIGdyLj0YQ5GfnzibzyMfCdBnrODAcTYcajjgWpfvrzlabwrkk2wn4nzTXg8cv4AHyO3vJWh_QBQ-hivJv7MFj3ehS9rxRIXC6xlXS-mQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 487B 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJyRRWcma0xBpfgqCsD8D2AALt6I5xmr5p41cq-ErJinJqxVw66JO-6t5XJDJBwm63yzEPxiaeC_9dU4k88CBW6CqXZ1MwRhm8nJOILQNhE_2N42PJKxb_6JUN&sai=AMfl-YTNN1rN2yyVmk-STOa9xkQ7cz-FszsxbEsUNFP2NObVrwZSUuY9QwL_yRm8mVNXxViqyNHA06bc5-OYD4CvNTZXo9SNcrOJvLmqNTICqRWvev7mYceJumiz8ohyxxGT&sig=Cg0ArKJSzFMYCo_aijP-EAE&cid=CAASKORoLzcL7KCw13KSBPn-uSFItAQVaA27499gzicvZM4JlezqNldeV88&id=lidar2&mcvt=1000&p=60,315,310,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3062651269&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653041550027&rpt=2559&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMI3J-w0-vt9wIVhd13Ch1K-Q01EAAYACCU4dlROhoIm9qCkAEQjPLAr_oDGPX44t8DINeKiIO7EEITCKnF5dLr7fcCFSjruwgdLCEDVw;dc_rmcid=CAASKORoiMbfnM7_5ROcqh6X7J5ZPlKBf0LfoQf4dEgWAqHBbn8EuujLzco;eps=CIjhgBAQARg...
ade.googlesyndication.com/ddm/activity/ Frame 3C05 42 B
63 B 154ms
75ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3J-w0-vt9wIVhd13Ch1K-Q01EAAYACCU4dlROhoIm9qCkAEQjPLAr_oDGPX44t8DINeKiIO7EEITCKnF5dLr7fcCFSjruwgdLCEDVw;dc_rmcid=CAASKORoiMbfnM7_5ROcqh6X7J5ZPlKBf0LfoQf4dEgWAqHBbn8EuujLzco;eps=CIjhgBAQARgd;met=1;acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D2024,0,0,0,0%26mtos%3D2024,2024,2024,2024,2024%26amtos%3D0,0,0,0,0%26mcvt%3D2024%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2185%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D201%26dur%3D20053%26vmtime%3D2203%26dtos%3D2024%26dtoss%3D1%26dvs%3D2024%26dfvs%3D2024%26dvpt%3D2185%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D879965996%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2024;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1653041551820;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3C05 42 B
64 B 73ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxDh2FFNiEVrIjBIjHMGHTsfaoaaXhvfosowKUbl6rQ4hskj7zQNQksPSjQQqcbQRz49xUkAJnQJ89T4iAygn5MT6O_yuBJih3UdfobXT_SsX9TrUb832BTPoV&sai=AMfl-YTpM32wo7VMki985drpQVOmeeSYo0mAD-upPZVgsO4bcaT_qZqXdayVSGwFsA-jkAqxldzd910dfo4DxhQo4f2VcBm8KAmUWo6rfDIeizxh9k0zYBbIqReQMiXLgcOr&sig=Cg0ArKJSzI9tFyTAuwC4EAE&cid=CAASKORoiMbfnM7_5ROcqh6X7J5ZPlKBf0LfoQf4dEgWAqHBbn8EuujLzco&id=lidarv&acvw=sv%3D926%26v%3D20220516%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D2024,0,0,0,0%26mtos%3D2024,2024,2024,2024,2024%26amtos%3D0,0,0,0,0%26mcvt%3D2024%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2185%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D201%26dur%3D20053%26vmtime%3D2203%26dtos%3D2024%26dtoss%3D1%26dvs%3D2024%26dfvs%3D2024%26dvpt%3D2185%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D879965996%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2024&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1653041551820

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 10:12:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3C05 0
0 75ms
74ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBKrBjWmHYunKFqjW7_UPrMKMuAWz4_uNateKiIO7EOSCu_uaAhABINnpz3tglYKAgJgHoAGX_pvwAsgBBakCV9Qjr1W9sT6oAwGqBKMCT9CTxMgBDZRnWfuAQkRU4e-pzNh8QXtZ1DFoArpNbsyjquWH0FIYGc62xi0xIUdUebNr_NsqUXpJHNE-HJVy8o8JEhDUlUVnVdpd19znYV-NbAQHjPcSvObOvfcQ2zbbJLQmZIx7XO2OA04UeFU9J_YjzLCfQLsdKz2l3xAd2zBmBvt3xoqBGmC4qbksel_Sud2rpXa1B12iYajrxaAWidroySBIE43_HnpP1qp6EvBV6uiK0HVx5k5WT0yMz6cNgcAXrjcYw8zQRUWpOesIDHfv9VGzFcaPJNrbQNd1o_3jfaDL7nS24StHoKarMsQXOBvDlhaJNZtql25K629M3W-zxqWDf20FpQI4cOc39LcQe8Sj9o5jRe95_UThZDAwvoqpwASM8sCv-gPgBAOIBe2w9Ls-kgUGCAMQARgBkgUGCBsQAhgBkgUNCCIQAxgBSI3StwFQAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH0YHkjwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDSrhYYuY7byQHSCAkIiOGAEBABGB2ACgPICwGwE861jw_IE_X44t8D2BMKiBQC2BQB0BUBgBcBshceChwIABIUcHViLTU4NDU2ODUzODA5Nzk5MzYYpcN0&sigh=2_MkwikoJh4&vt=1&uach_m=[UACH]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truncated
URL: data:truncated

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FZvezdeGrandaPrva%26tabs%3Dtimeline%26width%3D300%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dfalse%26appId%3D534904083375143

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/8YnRghvnApx.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/T76C0_1yFNq.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iUY_4/yW/l/de_DE/nGwZIX76ikc.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/MDNj1eUK5bV.js?_nc_x=Ij3Wp8lg5Kz

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
grand.online/	1970-01-20 03:53:29	Name: Bp89r74t731868OUPR9757p0k799z6Kv Value: s%3AQcN5Jlw00d_C3RZ3Gf4zek9lHtXJLgt5.APWk5Me1Bw16TocEjKMGvISqU6OitJ5R2h2JwyCgKC8
grand.online/	1969-12-31 23:59:59	Name: Value: cx_test
.contentexchange.me/	1970-01-20 20:27:29	Name: cx_id Value: 6287698dde5ad701f8ee206a
.contentexchange.me/	1970-01-20 20:27:29	Name: cx_last_match Value: 1653041549055
grand.online/	1970-01-20 20:27:29	Name: cx_id Value: 6287698dde5ad701f8ee206a
grand.online/	1970-01-20 12:39:29	Name: _cb Value: BH4EV59jLDvDN8XQI
grand.online/	1970-01-20 12:39:29	Name: _chartbeat2 Value: .1653041549257.1653041549257.1.B36BmR3T6kEBcNduKiubpBNe0gD.1
grand.online/	1970-01-20 03:10:43	Name: _cb_svref Value: null
.adform.net/	1970-01-20 03:55:19	Name: C Value: 1
.grand.online/	1970-01-20 12:39:29	Name: __gfp_64b Value: UtHK3ZTlklKd7y2chJ211JlcqSRlgCcUIVlkz35CQR7.E7\|1653041549
.grand.online/	1970-01-20 20:41:53	Name: _ga Value: GA1.2.543533847.1653041549
.grand.online/	1970-01-20 03:12:07	Name: _gid Value: GA1.2.740818324.1653041549
.grand.online/	1970-01-20 03:10:41	Name: _gat Value: 1
.adform.net/	1970-01-20 04:37:05	Name: uid Value: 2642475688712310473
.hit.gemius.pl/	1970-01-20 03:20:46	Name: Gtest Value: KlQHfRXGQMQGEtsOe56RTgGissGMXP8c25nSG6FiljHIXBG.
.hit.gemius.pl/	1970-01-20 12:39:29	Name: Gdyn Value: Klx78RaGQMQGEtsOe56RTgGissGMXP8c25nSG6FiljHIFRxSG7RrGS6GYgEBFlMMYH7hRjBGqSRxSG8.
.grand.online/	1970-01-20 12:32:17	Name: __gads Value: ID=cc93f4efe01bd867-22ca72d299cd00a0:T=1653041549:S=ALNI_MYlxyFI0dMW66o7kOtqeEQzZ1EUrQ
.doubleclick.net/	1970-01-20 12:32:17	Name: IDE Value: AHWqTUmHk_tGqQd1sUIZXAUrxvVbx1IyySmUQ5OYHREhSTwD-gqn7BWogFlwj8aVjZM
.criteo.com/	1970-01-20 12:32:17	Name: uid Value: 7daf1584-efba-4b34-ab2a-e3a109cbb558
.openx.net/	1970-01-20 11:56:17	Name: i Value: 63a4686b-0122-4c63-8bb4-0965a89f5766\|1653041550
.adnxs.com/	1970-01-20 05:20:17	Name: uuid2 Value: 8135778969936897348
.casalemedia.com/	1970-01-20 05:20:17	Name: CMPS Value: 3260
.adnxs.com/	1970-01-20 05:20:17	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Ml%XW?!]tbPl1M>e)ZlrFUfJ+tGXvWBG>aasDz/b>Fu?m]KCV>xA.oiHc0PX?aTv0.bpRzqF1`*b^/[)jbSj
.adnetwork.agency/	1970-01-20 04:37:05	Name: cecxh_u_key Value: 9f5acc68-2d8e-426b-87c3-cafc0d6b69bf
.adnetwork.agency/	1970-01-20 04:37:05	Name: cexh_red Value: 1
.casalemedia.com/	1970-01-20 03:12:07	Name: CMST Value: YodpjmKHaY4A
.casalemedia.com/	1970-01-20 11:56:17	Name: CMID Value: YodpjvAyMhGNQAO-.CkekQAA
.casalemedia.com/	1970-01-20 05:20:17	Name: CMPRO Value: 1122
.grand.online/	1970-01-20 12:32:17	Name: cto_bundle Value: rPT6O19ObGVEaW9SZUVsQUMyOE1tU2g0UUslMkZqcHRzMmJoY3V4WVpsRDNBWWxxSmpuMFRrJTJGaUFMOGhKT09ZZEdsYjZoYUtjJTJGVGZ4c2JoeSUyQjJVZDlORFVTcThaVHB2U2RCeGclMkIzVmxCOWtsc1JydDYwVFpObVRYJTJGWWs2eVFmQiUyQkkzMHFHNDVFVThXbUtJTFZqUFlVM2lJbUoxdyUzRCUzRA
.casalemedia.com/	1970-01-20 11:56:17	Name: CMRUM3 Value: 2d6287698e2760CAESEFDNIbzfmjRIwlAcfo6vX5I
.adnetwork.agency/	1970-01-20 05:20:17	Name: contentexchange Value: 42780e0f455920001cf0002f02d0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: data:image/gif;fake Message: Failed to load resource: net::ERR_INVALID_URL
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	warning	URL: about:blank Message: The resource https://rumcdn.geoedge.be/ce086b75-7730-41be-8fb7-52d3f2f48f60/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.com
adservice.google.de
analytics.contentexchange.me
bid.g.doubleclick.net
cdn.id5-sync.com
cdn.jsdelivr.net
cm.g.doubleclick.net
collector_sr.contentexchange.me
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
csi.gstatic.com
dmp.adform.net
dsum-sec.casalemedia.com
f450e1b90ebf204b94d2caf026897d52.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gars.hit.gemius.pl
gcdn.2mdn.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grand.online
gum.criteo.com
hb.contentexchange.me
ib.adnxs.com
id.sharedid.org
id5-sync.com
images4.contentexchange.me
imasdk.googleapis.com
ls.hit.gemius.pl
match.contentexchange.me
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
ping.chartbeat.net
platform.instagram.com
prod.uidapi.com
r1---sn-4g5e6nze.c.2mdn.net
rumcdn.geoedge.be
s0.2mdn.net
s1.adform.net
scontent.xx.fbcdn.net
securepubads.g.doubleclick.net
static.chartbeat.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync1.adnetwork.agency
sync2.adnetwork.agency
tpc.googlesyndication.com
tracker_ug.contentexchange.me
truncated
ug.contentexchange.me
wrappers.geoedge.be
www.contentexchange.me
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
static.xx.fbcdn.net
truncated
www.facebook.com
109.206.161.115
109.206.182.78
141.95.47.70
141.95.98.67
142.250.181.226
142.250.185.162
142.250.186.130
142.251.36.66
146.59.30.108
178.250.2.146
18.189.50.18
185.97.52.29
2001:4860:4802:32::3
23.35.236.247
2600:9000:206f:6200:4:b37b:9440:93a1
2600:9000:21f3:de00:2:d490:4d80:93a1
2600:9000:2315:9800:18:1fcd:351:7bc1
2606:4700::6810:5514
2a00:1450:4001:66::6
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c01::9c
2a02:2638:1::13
2a02:2638::3
2a02:26f0:1700:11::b856:6785
2a02:26f0:1700:794::f09
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f21c:81e5:face:b00c:0:4420
34.102.146.192
34.120.107.143
35.244.159.8
37.157.4.25
37.157.6.235
37.252.172.123
44.194.96.154
46.105.202.126
46.19.11.36
46.19.8.15
46.19.9.11
46.19.9.32
46.19.9.50
5.22.184.38
52.24.215.1
74.125.133.154
0197c87f510903f431ae77f6d78c41e432c6cb763267be5c2bc57987c4876d02
0343a7a10df4257f535e4ea0ac18c9d9436eee11e34def6494525640026ff63b
04d64f65072f624d3a1c5c29b27f02e1d8c09aad3d1f7b1a2b86f200cdc883aa
0772ef06c910ba5884b31a93d70b53c1a00c50b0d4293da1fba18ce4553d8126
086131e69c0bca621baf47330f1f9d809bdda02344355fb32044a3769a28a624
0a557971a177c79e7b3cf729b2f4e0d6bad458170a3851850ecbcd0c7cc5b6e1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eafb86acbeeb215be57085c7a657f00a5d3d678c38721759afcd79c7fe7e30a
0ee0b7b434eb5d5d727aba90b6e47dc168a3c7b4c582f3ab5e6aeb63d42fe107
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
110e457b0c1aaf315acc7dc18ed5100b459e7fc0d5c4ccc39af83f81bfb586e7
11b23e5e769b4defc94abc5e853a128ddc998ec55079374f433198b6f5320add
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
139b3307b84002a4c0f514d9899c8cbabf4f08a601e5e4d7d2897ee47bd77069
15944a76cccc83b3f5385317a2494b26c0e6c4bdb1514e5b8b889cfdd294b713
15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
1694434ab2c09bd57c2c84b62e49a1d4726645ca6c47e4c521dd4c9ce8bd1479
172e2246438b6eff65e86e6ce41fd12720f6a2139acc1b555f93c8c87e1d2af8
17e309563041ceea933a5de09dda57eb3f99490aea47f8fedc1ecc70e60e96df
193775c469b5382b7ffd0bcf9e87e2408e3eb5a76fa03a257b49875d4bb7287d
1b446bcae50da401465f47a793122285baf65f581395f515e743d5e70d33c4f4
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
1c8ee67c6c8104fb420447f3d36a1217e0753259119e6b0f65b11d62b40d634e
1cb148d7f7164f7323e646b00ce126ae27c13f58007831e6a8052e5fdee25dd2
1cc573ea4a3fa1b97e2995d23c205ca4967d06322e76fd0020f26cb4cf4b4194
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f7a557ad6f33afe3c411dc307c0bb5b443b393c93431dc5fdc6e5724f22f269
1f9c84b6481c69fc620215604fb605b4c7503e2f3addc9f68d1ddc30a41da422
216920dcf855c0345269a347a7bebca5c0bee4407d70deb6f3dc48f014c5091d
228b816e3546e7e41a6c9e1c1ae1df62f8cb75b205335729b25e77d5b7447940
22b04e027387848488dcd5c19bcca157d65915c425b481c65be1d7fd2ff9ff37
2358eef82e19f11d27748db3055007ae32cc450a0c52aae4a1a95a45ff133048
2365f7ef55dcbcff9e4b0771fc4ffc75da34670e82ce61a5fadb8cdff842728b
239d680fbab8595308467c529a3f86da782970d8a5c9a1ea42a8f65c046f8079
2458bec05d6415f88b16aca0336c9cd090e86881d7929593fb9481c13427d784
24c02c018b5277d535e01b7d01d85441722bf229c8fc8121caa945ad48fafedf
25aee19e934cdfcab3a37ae773a36a9ac1321b4146cc469679abb92dd5514afd
2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a
2781e9e7c3f369b8fc7965e679b17b60b5b11eaae5da1e5045107bbdd9d568f0
27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3
27e04b1053f86860cd1976718facd34944c343aa5f81802892f18fd3f8aa0bcc
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2b6c5c61d31d9a294660a1999928903900aadb1eda143065f81b59e3c4770cfe
2d0fa19ca78d7db2dd8f246efe1d31a443b01d79be65ec9ffbb25f9e92a3c1ef
2fdf4489187268b3cd47a54f23214867aec9a39908818647e40263136c6f8914
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
30fd45cd263e108ba66882028c972c84a01f71f4719d8322ce9053497ef69d0b
3160190633620fd3f9a6ba11310882766c9a3d91b92082661cd95aceabf76a5d
31b4ba20cc14a0ceca4e0f21c01d61ddd2de674d58742e2c4240e51553f1d54c
31e2fe6b0c266793f7578d5f5bd8718c23432f6c12c4f9f299d55507d793e4a8
326be3571d7e848e44d172caed425df703c6f9d282f836e33e7a17b775a382ec
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
35f1bd33cae1c3679f2d59efad596b94c02482de4a8e978d37bdebd95b2a17c2
367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2
3876be8f01b243630b64993feed70d5df21116d3480be4d8e712e6e13cebf3e4
3a49cc14bb89463195fb38208d74f8dc42ef35f4e31db6cc47fd449eb1cf2f0f
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3c92b02dc02a3c8f09d3b45983b439125c22d98c2d867a5564f0e4766cb466db
3ca8f9a8210bc6b71624e8a90888498aa627346a3d4ca0f711e79e73e6328bbd
3fb407f13924c5b7feec14a03619c2ca57f8044a5bbc872f79c96445e36ccf8b
3fcf5ff4c2b9410c11cd576050ca42ab35d8710a26a06f5a2fe8ef4b21efb3ea
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
41c0c864bac84f7b74a8bd2ff917e061920990f979f11ff79685b1c3be9c43eb
44815625f70f2d49317fe2e9f5adea7a8abdfec786db30bfeb64558c22feb5a3
44e23777b032aed035f2f95503061a68f0d9c7e59372e2f8254e1513511719c1
46533138ce94f0f5d3aad59d001a3985ef36d39c626a878f6cbb8915fb7760b9
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
490c42902a0c584b107ccc1d907344ae812e940884bda23faa0cf3afdb1a1f67
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4daee49ee6cecd1bf9e92fad93c6c9c85e1da15691220060e0c7d92b2ff6b1a1
4e931a6c65d3eb9699217179250fd1b38dd010b4fc02b84cb0acca98614323ce
4f073067d2773f2ed0efa7d4c04e75e21a5318f107fe73699063eec5a2704fd7
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d6df7b3221685d092249c14f86481689b29994fc912b2f10554f4fff1eeeaf
5119f8380037c6b3abb9e14ee7d8fb84e4fd55794e38505dc73c198da07be53f
5196b3aac9fb9b1c37b8d3c5c0d30c61c683d742b41dd1ebd4ce10a179437fc2
51c26a3db49cf606e3e0a8ec45e34eb119889ac6df2e51b62252058a94740097
53214c5f75dc1c9417b5e7225fcaa6b3d0968579b13e640bdeeda9131124ff42
533608fb61d63d334653a5076d7fc949c17bbf33bf8219e21dbfa650a25133ee
5380c721af33202377a3c3b70f20697d1a5883f6abfabd089406c64c231de81d
541d57d00e3a0e69772bb15b9fe9d74aabc46e8a118770bdaecded859c79ca28
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569a5642be190263d25d138067711515c0f7257f40c0abbe789a3b06300b335f
57297a89d38d2df491eee1c859dd55e415ecdb0a27b3441a89a8939398756771
57369f643f1fba58cb7454e7287f2613af75c97e79b627d747211fbcbd4c16e2
598a415b7e067fa0d86676fae6da1d87954b99b5f985ceb3f7990551c1eb2808
5b21e5b0c82489be94a4b50e4543ce6b35bad3526dcaf0a7e220cc5ab01a0013
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
60c2543b4a8317b497c60da4ce3ace29bfbb372caedb091c8f52d124b0a5dff0
6167d5dea19f6b6b7758a5b4086a308ee74ba439eade5ffaa4b94652139a79e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6273bbe2d073be457be08c9f3587fe63cff2293e814a2496bc874052777495e4
65f5314f04718a775463da7b30aa335077eaddc201a9d692c0ac4dbe54bd0f93
680e45e0a3c168189215b10f80ca91da49e634f4f7ac78ef653a393fa02c30f8
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb9ad6a55b7ee042a452b81eea9f28e250023698449022728f9ee950355503f
6ccde1fd7072ebe8f8a5b3da6f2027ab1e4939ec932b1bb2e201eab4e300e9a0
6e5f1317cc82513c64ed99253fb671fcc6d6b8c5078776a38d7f89da22e75d2d
6f257edabe410880b910383367d37185d0060cf85aa5db2a9b37a67e314c2b2b
6f7549476e90a5b9cd90165c1eb5a4e41d3d0f2d45512fe1af1209de9b281ec3
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
77b8581a4bb29e43dbf4b4e86c8a99fde8b099fcd46976604ec355c1adb58e6b
78526ac509a71a338fd7659197f80b4a153b6c4cdd4d61240511b78e47370834
799d2141fefa365654212eb720f7326886b4a6586e88cc38b974144d202fee4a
7a3fad5ac95d03b883f6b6a128ac8a745aa06df4fe6d9b807513bd1f417bf701
7b5838872362fcb56b41e426cdb5073006164d97524ac44902f5749e1da20e56
7c2dbd98ea9364910d04630ac9c68e3639ce0601fbe7a0edc53f67a88ad40f64
7d880e63c31985db774019cf0f0673c7b0d6dda6ec7a20d2f8c8f33bf5227850
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e8a9e8941b64b40f430f8cb76a29cbe22d95efecedd91489ad1a712f07688f5
7ef666c3e4863dc99388d74784ece59a7d89412b8d9645544da01ab272aeaa14
7f214d089806ff1a20e2cf6022b7a46766a8bb7ac1602781db3ad879fdf9acb9
7fa8a6bcca3dacc9cb960b9e0b828938dc0aba7a2be197b629a1b11766b9fe49
80eb5d1b96046c4c88351201596ea3be013f52e6f3850a32a4e350387af3d8be
814350cb80eace8c285085c51b4cfa32ea2571d9894beb272a2b8fbf35f19cd9
816beef25da65daae2c0d284e2f8325f5f6728cfeedf2f209eaa771f4494ce9a
818ce38e548c8222a2d3d31e6739658683964f9233ae770d41a918ead12001bd
819f93b84beb4cdac19ec3e8cfe9baba1c863d9221ff0c26457eb7a34d779569
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
878605f192b95f9a0a7e129cc3cc1dcf7a2754eab3601cf5d00f7ddbb81bf96d
893d972d6501d4bcc4f3863df54fb56bef8d43d71d5fc17aacd2e3c630abe06e
89ac9ac9042c7ef410ab439837b270dd2dd9f6c545d9383ea8969a35c945cbd7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cf55fd0c497d122a37fab46f15df131d74b0a098600328e59d6026736f11f8d
8d19c9839b2349a1f36147a24007dc8ede1385c6120813f51b981662938f9858
8f327829d94bda1536bc1a970fbfd21ce22bb0f048cd9437ce9a1f0401cd1b9b
8fc7507602c37c5bfee8bb08ceda0b99d0ddf72c54a0c6c46dd6b54dac40f1ae
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
92c644be29f8343e67fec8047418607ade30866511dd221e26de876fa22222b5
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9756fc7cd3cc16345a37b7786decfc1b81252d208dad76c16819637c61e35a5c
97d9589325e5fe0bf92bd3798ea970cb4e6744353ae88490bb13c88b9bd9324a
9a24017b5ad0098ae39fe0dbf3969aa331286d0c03cf61747322bfc507042487
9b4ac9ab8a0e2d104be38e05caceb07d2ccd1709bc97e5ceaf067bdd5cab2a9d
9b79f241192c69b3ba86c6a7ab1b53b5d0e6d518df418586a940318032b1cb29
9c2ea9027801b5af169fb62d0cda28d58db4e94007e94fd5d37bd7868d9648b3
9e7f75feb11e081657af9a3fb839273904e3b0b898fe6668cfa3a38ab3598325
9fc41ab218a9c82ec669010c33d41ee7bed29cb75771c004b0e8fbcdd9632468
9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a082bfd96630ab857ec08e4e0055175aae987aea275d450f048ec3fee5de5383
a0d5c3ccdcf05c44686b3628a8eec5c79c3e5caf044aca9b1a7453e05c3d3e0f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7db7607822081e6516b09d1ec4acece3f12d70b1ce669662d75294b4c7ff353
a93319dfeca5cfffb65c42e156e2188e48db7f4e7126e105c594b7467bd6d7e3
aca07c1ff13e6a8a82a83f2f405c95a765afc312d8dd691e07fa1381233a5626
ae65271b9235f8c51c351d51f65c49a99eccc5a1d51633d6bf57f5182acafdfc
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1608104cba710909d93dd0ab41046bd7b95680a98f63b09b1959224777384f0
b23d1eddfec3cc0a2386ba1816021fb2604d60df21f3b92b6efa811864ed18e2
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120
b2dc248d1fd585f00cfd57fa0094fae03a5379b382a8757603a41f048208d5a1
b30834983802017e7ed429dea80e449a3dafb04f9aa100f6b5a9e6a19ae8e1f2
b431ad89535391a209aff578787562914a904f3d29a76ea5ff97b913ec66c23e
b9f1cadf29bcf6a24ce165552be9121d9c2e80a98ff3020a90d12021c0730b80
baea5caffda9109fe3fe251376d60a25ea43c846fa7bb8dc4b15da44a78c6760
bb78aaaf7eb9bbb3df028bfcba8fcce6d9db654085b898b75934e38e73757089
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bec88eebe3e74cf703e75d985c2fbed93b84956c4b9161c7dbc1cb39ea299c78
bfafefab6495db40df1cda93e99fba7f01384e766cb8c414735ba965c7b84d65
c0fc92a1d6ee5f49a6eb88bc8e41ef9e94cfdd2f8069f19a7c10c03751df163f
c2990915dc77b7e79a1b72e91b29f88e3966ee113fb6fb4bfb62ef4d72bc3a9c
c515a6d355257084f2a1298a16c8e6ed9a8c87519e6be64de0aa5d759af6d983
c52a931e1e82748cff94f345fe412b44aca9c82fc9fc3286618c873f89035dfc
c5a310590b84ddb8c45b12b32267c95961a7fc4f7bbd13828113d00abfdd24b4
c68f78ab5b36309b244041c15ef4163aac66ede31ee53b2d4271b1f7aae1a6cc
c90c8315404fb49e4bb73e260db7ab396eb1170f331f18222c19292d72424b6f
c92a4a5ceadffb016174565303c073aeaaaebb16c86bc772799bce0c6bbeb6c5
caceed49a3e4435282ce5150b9fa794a5a1146941a459cab3e951dedfc7afad1
cbf163bef3aff6ae661c0d52b6c104b4e510b263d35707d74a3cce1901e69e87
cc0c25caedac0b14b6d0ad1365d4a23429d1d783be546c775d406e761fd14320
cd7288102e2f4549609d9f8abbe723dbf6343e7dd70affdc1f3cfc92b0796b05
ce3cfcdef35db3505e95a6d25e8bee74fc75ee0f67c1832dd40ae14566d0458a
ce4e941d8bad68278a1d7a85979fbe091201c49329bf35ced3d7bc9f4e035d7f
cec39ec74b600cc736c68de3fbf6654d56da9a73537834d9118cd64d6234a4df
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff68caa8d423781efaf6d8a777ba294c7d16739fcb97284870cab00bfbdbc3a
d0441413e84c482c0033f6a02f2a0aca73fa49c58852a05cbb279c036b0fb770
d3c597f5faa5fed401d4507930fe5d678f5f0b48c73a572c7f8c817caffd1bdf
d4efcb6ddae36dfb8c3b873fc81d9492479f82b360ce16c8ed7008f50443e24b
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d8cc1b6b96568166a18a44577d3b7bb25fda69efcae8249a2ae10c7c96580079
daf10bd3b413af46baf9f5ae42fa60e9d95f04ead18b0bc75f2973395ccd5035
db855d104d552660f447a438b3722b1a174876a2c0557e2a8f1738f9abce0e8d
dbcc13069e2a5eefe95b34c02d300ff545cf10dbb49523a2c712568ccfab0fab
de3f9fc9600a3419a5ccd86586f16b00b0295325cdde3b6d7f7d0cd7dceb1045
df54910144f36c8adaea680ebf82cd4f3a39147edaa8eb4a2650b2996da8acf1
df735c0cbff6fdac8d3c64ef35cd214c28ab2cfd4ee329cb9a55c23869bac3c9
e01570cd0dcec12d3e99aac52579c3692dff5ede51ae1e59e8b74be4635df724
e1cbe20b518b645a3e30b7a0e158de8b139450185ffcb351f9344e4f9f54df04
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e35e8b297de9d3031dbf4f4bbbadca673a9503f00d6cc3e65212daefaa566221
e3654f353d5f99c929dcbc6cd5d028fd054c4cd800bd97df26658530a56a17bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c0b96b9699ffd83e2f5ba5b66427a3db71787bae77fd8df7a6f4cc7e2121a8
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e5ba265212313351bd9bda067111fd607a29d0d24f3aba37f968f8ce845d1b22
e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685
e779b2a44a9721993a448ac813dcda963e15dbfed35db5b0689403e36fdd28a2
e7afe3b38b16d5501c6adb1bba7c45ad58f4ede46d86b6945b228ef270685f6f
e8bd46f6d1400c67a5cd3b65cb72ba04e0b4dc8aa5d5521f74a1e2a0c6f656a9
e8c287537c67708aa38e91a2bd427e8ee691ca7ac3a264a2640eb6e36a72f811
e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b
ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7
ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7
eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f
ebbd51aa1cdb28ea987c9d74147d4be8a02d07f1f990789fa0a35c6f7caf67e6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6d9f9c94434f8a10abd4428410593903b24b0a5a79c077029123b37c93d6f3
ef83c27672ff8a7deb1c012bd5f6cbd63fb21bf76b2770c38474c32c0fe04e74
f115a504013c59df16663d2dd7070caad69c12abafbeb5a666e29406bfaebd71
f26cbeecf910e06ba7ed31d1bf8d01c6d8195088451f626cff5bc3cefd0262d5
f4331717b2c00a9391779a78eeb46fcb600c48f09c67fe095589c75a245d6093
f4e19fe13a10e17fd15cb06c019c63b6527ec6c0f112e6fff969441b21fae24b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e8410a5cea6d37c6a0409f05b7142509f0be16a705c2ce701f84b4b59e762c
f6f7cb3b1af1f1fda712e5168630fdae7622c9da2ba457944108000773e4ab7a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f93264606087b4c1dd4e0bb8bf2ed92549c53fe8b5f095d214c4e72a765f5482
fa0147199db3b4eba5a549e5d648f6c5d77aa66e5e0c453a061eb440b95ebe51
fab10ef0b40c2e2da0973e0697903d144e8ef0e2de7096466d86b7b5312b8134
fab221d7ded012559b6b6da267de375de9caed782e23c92bef7bb8994a68eef9
fae0b8f255ca326bdbbafdffae74342b6eac771ef68a71072ec1eacb70dcd39a
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fb8f89b99981d538e19e0e3fc2511afa4c227177011dc76c8e5735d4e689fe19
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fd4801631ecd42c3f5b571b88c10aa428968ec95ebef8856fa720a45201f6cb0
fd852854b011e82c920073069e31f0ad76a933aa554413e936d26c8dd73d807a
fe764d80ffd7489519ea32b5eca9e4ef0bd239717448a8148de07398e1c5cf0c
fe9a9c6a5ac3a7561f25bd9d9ac29ec47bf804de79c3cd9cd35225baf137f879
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9
ff8a921069f33402a4aa8ab5654d6c3d1027b7739e20b3eaddcbb6f80c67403a
ff9c62afbb0f39e487474bc9f1e286ed22c0999232a735ada869d5d03746496a

grand.online Open in urlscan Pro 5.22.184.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

310 Requests

94 %HTTPS

51 %IPv6

34 Domains

64 Subdomains

56 IPs

8 Countries

12903 kBTransfer

17845 kBSize

31 Cookies

69 Outgoing links

Page URL History

Redirected requests

310 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

grand.online Open in urlscan Pro
5.22.184.38 Public Scan

Screenshot
Live screenshot

Full Image

310
Requests

94 %
HTTPS

51 %
IPv6

34
Domains

64
Subdomains

56
IPs

8
Countries

12903 kB
Transfer

17845 kB
Size

31
Cookies

310 HTTP transactions
8 data transactions